{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 3.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1802",
        "url": "https://access.redhat.com/errata/RHSA-2017:1802"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.1_Release_Notes/index.html",
        "url": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.1_Release_Notes/index.html"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/vulnerabilities/httpoxy",
        "url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/2435491",
        "url": "https://access.redhat.com/solutions/2435491"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1802.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server Service Pack 1 security update",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:15+00:00",
      "generator": {
        "date": "2025-02-02T20:02:15+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:1802",
      "initial_release_date": "2017-07-25T17:46:13+00:00",
      "revision_history": [
        {
          "date": "2017-07-25T17:46:13+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-25T17:46:13+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:15+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1",
                  "product_id": "Red Hat JBoss Web Server 3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "cve": "CVE-2016-7056",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2017-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1412120"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: ECDSA P-256 timing attack key recovery",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to exploit this flaw, the attacker needs to be have local (shell) access to the machine where the message is being signed using the ECDSA algorithm with a P-256 elliptic curve key. Then using cache timing attacks (which needs precise timing), on multiple signature runs, the private key could be obtained. Based on the factor that exploitation is difficult, Red Hat Product Security Team has rated this flaw as having Moderate impact. A further security release may address this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "RHBZ#1412120",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412120"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-7056",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056"
        }
      ],
      "release_date": "2017-01-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: ECDSA P-256 timing attack key recovery"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-7674",
      "discovery_date": "2017-08-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1480618"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Vary header not added by CORS filter leading to cache poisoning",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "RHBZ#1480618",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7674",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        }
      ],
      "release_date": "2017-08-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Vary header not added by CORS filter leading to cache poisoning"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 3.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1802",
        "url": "https://access.redhat.com/errata/RHSA-2017:1802"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.1_Release_Notes/index.html",
        "url": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.1_Release_Notes/index.html"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/vulnerabilities/httpoxy",
        "url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/2435491",
        "url": "https://access.redhat.com/solutions/2435491"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1802.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server Service Pack 1 security update",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:15+00:00",
      "generator": {
        "date": "2025-02-02T20:02:15+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:1802",
      "initial_release_date": "2017-07-25T17:46:13+00:00",
      "revision_history": [
        {
          "date": "2017-07-25T17:46:13+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-25T17:46:13+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:15+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1",
                  "product_id": "Red Hat JBoss Web Server 3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "cve": "CVE-2016-7056",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2017-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1412120"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: ECDSA P-256 timing attack key recovery",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to exploit this flaw, the attacker needs to be have local (shell) access to the machine where the message is being signed using the ECDSA algorithm with a P-256 elliptic curve key. Then using cache timing attacks (which needs precise timing), on multiple signature runs, the private key could be obtained. Based on the factor that exploitation is difficult, Red Hat Product Security Team has rated this flaw as having Moderate impact. A further security release may address this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "RHBZ#1412120",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412120"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-7056",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056"
        }
      ],
      "release_date": "2017-01-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: ECDSA P-256 timing attack key recovery"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-7674",
      "discovery_date": "2017-08-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1480618"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Vary header not added by CORS filter leading to cache poisoning",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "RHBZ#1480618",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7674",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        }
      ],
      "release_date": "2017-08-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Vary header not added by CORS filter leading to cache poisoning"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat6 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:3080",
        "url": "https://access.redhat.com/errata/RHSA-2017:3080"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1461851",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461851"
      },
      {
        "category": "external",
        "summary": "1493220",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
      },
      {
        "category": "external",
        "summary": "1494283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3080.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat6 security update",
    "tracking": {
      "current_release_date": "2025-01-19T19:40:10+00:00",
      "generator": {
        "date": "2025-01-19T19:40:10+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:3080",
      "initial_release_date": "2017-10-30T00:15:02+00:00",
      "revision_history": [
        {
          "date": "2017-10-30T00:15:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-10-30T00:15:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-19T19:40:10+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                  "product_id": "6Workstation-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-111.el6_9.src",
                "product": {
                  "name": "tomcat6-0:6.0.24-111.el6_9.src",
                  "product_id": "tomcat6-0:6.0.24-111.el6_9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-12615",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1493220"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Remote Code Execution via JSP Upload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "RHBZ#1493220",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2017-09-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Remote Code Execution via JSP Upload"
    },
    {
      "cve": "CVE-2017-12617",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-09-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1494283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "RHBZ#1494283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2017-09-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 2.1.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2.1.2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2494",
        "url": "https://access.redhat.com/errata/RHSA-2017:2494"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/3155411",
        "url": "https://access.redhat.com/articles/3155411"
      },
      {
        "category": "external",
        "summary": "1377600",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
      },
      {
        "category": "external",
        "summary": "1384743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2494.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2 security update",
    "tracking": {
      "current_release_date": "2025-01-09T05:37:29+00:00",
      "generator": {
        "date": "2025-01-09T05:37:29+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.5"
        }
      },
      "id": "RHSA-2017:2494",
      "initial_release_date": "2017-08-21T15:22:58+00:00",
      "revision_history": [
        {
          "date": "2017-08-21T15:22:58+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-08-21T15:22:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-09T05:37:29+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 2.1",
                "product": {
                  "name": "Red Hat JBoss Web Server 2.1",
                  "product_id": "Red Hat JBoss Web Server 2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1801",
        "url": "https://access.redhat.com/errata/RHSA-2017:1801"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "JWS-657",
        "url": "https://issues.redhat.com/browse/JWS-657"
      },
      {
        "category": "external",
        "summary": "JWS-667",
        "url": "https://issues.redhat.com/browse/JWS-667"
      },
      {
        "category": "external",
        "summary": "JWS-695",
        "url": "https://issues.redhat.com/browse/JWS-695"
      },
      {
        "category": "external",
        "summary": "JWS-709",
        "url": "https://issues.redhat.com/browse/JWS-709"
      },
      {
        "category": "external",
        "summary": "JWS-716",
        "url": "https://issues.redhat.com/browse/JWS-716"
      },
      {
        "category": "external",
        "summary": "JWS-717",
        "url": "https://issues.redhat.com/browse/JWS-717"
      },
      {
        "category": "external",
        "summary": "JWS-725",
        "url": "https://issues.redhat.com/browse/JWS-725"
      },
      {
        "category": "external",
        "summary": "JWS-741",
        "url": "https://issues.redhat.com/browse/JWS-741"
      },
      {
        "category": "external",
        "summary": "JWS-760",
        "url": "https://issues.redhat.com/browse/JWS-760"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1801.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:10+00:00",
      "generator": {
        "date": "2025-02-02T20:02:10+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:1801",
      "initial_release_date": "2017-07-25T16:44:35+00:00",
      "revision_history": [
        {
          "date": "2017-07-25T16:44:35+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-25T16:44:35+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:10+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
                  "product_id": "7Server-JWS-3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
                  "product_id": "6Server-JWS-3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el7.src",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el7.src",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el7.src",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el7.src",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el6.src",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el6.src",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el6.src",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el6.src",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el6?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "cve": "CVE-2016-7056",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2017-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1412120"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: ECDSA P-256 timing attack key recovery",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to exploit this flaw, the attacker needs to be have local (shell) access to the machine where the message is being signed using the ECDSA algorithm with a P-256 elliptic curve key. Then using cache timing attacks (which needs precise timing), on multiple signature runs, the private key could be obtained. Based on the factor that exploitation is difficult, Red Hat Product Security Team has rated this flaw as having Moderate impact. A further security release may address this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "RHBZ#1412120",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412120"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-7056",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056"
        }
      ],
      "release_date": "2017-01-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: ECDSA P-256 timing attack key recovery"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-7674",
      "discovery_date": "2017-08-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1480618"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Vary header not added by CORS filter leading to cache poisoning",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "RHBZ#1480618",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7674",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        }
      ],
      "release_date": "2017-08-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Vary header not added by CORS filter leading to cache poisoning"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2633",
        "url": "https://access.redhat.com/errata/RHSA-2017:2633"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2633.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update",
    "tracking": {
      "current_release_date": "2025-02-02T20:03:01+00:00",
      "generator": {
        "date": "2025-02-02T20:03:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2633",
      "initial_release_date": "2017-09-05T14:32:20+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T14:32:20+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T14:32:20+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:03:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4",
                  "product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2637",
        "url": "https://access.redhat.com/errata/RHSA-2017:2637"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2637.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 5",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:20+00:00",
      "generator": {
        "date": "2025-02-02T20:02:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2637",
      "initial_release_date": "2017-09-05T15:04:25+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:04:25+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:04:25+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
                  "product_id": "5Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2.1.2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2493",
        "url": "https://access.redhat.com/errata/RHSA-2017:2493"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/3155411",
        "url": "https://access.redhat.com/articles/3155411"
      },
      {
        "category": "external",
        "summary": "1377600",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
      },
      {
        "category": "external",
        "summary": "1384743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2493.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2 security update",
    "tracking": {
      "current_release_date": "2025-01-09T05:37:24+00:00",
      "generator": {
        "date": "2025-01-09T05:37:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.5"
        }
      },
      "id": "RHSA-2017:2493",
      "initial_release_date": "2017-08-21T15:33:48+00:00",
      "revision_history": [
        {
          "date": "2017-08-21T15:33:48+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-08-21T15:33:48+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-09T05:37:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
                  "product_id": "6Server-JBEWS-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
                  "product_id": "7Server-JBEWS-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el7?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in Tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1809",
        "url": "https://access.redhat.com/errata/RHSA-2017:1809"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1809.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat security update",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:25+00:00",
      "generator": {
        "date": "2024-12-29T18:20:25+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:1809",
      "initial_release_date": "2017-07-27T06:10:12+00:00",
      "revision_history": [
        {
          "date": "2017-07-27T06:10:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-27T06:10:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:25+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client (v. 7)",
                  "product_id": "7Client-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                  "product_id": "7Client-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
                  "product_id": "7ComputeNode-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
                  "product_id": "7ComputeNode-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                  "product_id": "7Workstation-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-0:7.0.69-12.el7_3.src",
                "product": {
                  "name": "tomcat-0:7.0.69-12.el7_3.src",
                  "product_id": "tomcat-0:7.0.69-12.el7_3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@7.0.69-12.el7_3?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-lib@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-webapps@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-27T06:10:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1809"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-27T06:10:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1809"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2638",
        "url": "https://access.redhat.com/errata/RHSA-2017:2638"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2638.json"
      }
    ],
    "title": "Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2024-12-29T18:21:06+00:00",
      "generator": {
        "date": "2024-12-29T18:21:06+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:2638",
      "initial_release_date": "2017-09-05T15:36:46+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:36:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:36:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:21:06+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                  "product_id": "6Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                "product": {
                  "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_id": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.17-1.Final_redhat_4.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                "product": {
                  "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_id": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.17-1.Final_redhat_4.ep6.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                "product": {
                  "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                  "product_id": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.17-1.Final_redhat_4.ep6.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        },
        "product_reference": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src"
        },
        "product_reference": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        },
        "product_reference": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2635",
        "url": "https://access.redhat.com/errata/RHSA-2017:2635"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2635.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 6",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:27+00:00",
      "generator": {
        "date": "2025-02-02T20:02:27+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2635",
      "initial_release_date": "2017-09-05T15:07:46+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:07:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:07:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:27+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                  "product_id": "6Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat6 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:3080",
        "url": "https://access.redhat.com/errata/RHSA-2017:3080"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1461851",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461851"
      },
      {
        "category": "external",
        "summary": "1493220",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
      },
      {
        "category": "external",
        "summary": "1494283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3080.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat6 security update",
    "tracking": {
      "current_release_date": "2025-01-19T19:40:10+00:00",
      "generator": {
        "date": "2025-01-19T19:40:10+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:3080",
      "initial_release_date": "2017-10-30T00:15:02+00:00",
      "revision_history": [
        {
          "date": "2017-10-30T00:15:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-10-30T00:15:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-19T19:40:10+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                  "product_id": "6Workstation-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-111.el6_9.src",
                "product": {
                  "name": "tomcat6-0:6.0.24-111.el6_9.src",
                  "product_id": "tomcat6-0:6.0.24-111.el6_9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-12615",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1493220"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Remote Code Execution via JSP Upload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "RHBZ#1493220",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2017-09-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Remote Code Execution via JSP Upload"
    },
    {
      "cve": "CVE-2017-12617",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-09-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1494283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "RHBZ#1494283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2017-09-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2.1.2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2493",
        "url": "https://access.redhat.com/errata/RHSA-2017:2493"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/3155411",
        "url": "https://access.redhat.com/articles/3155411"
      },
      {
        "category": "external",
        "summary": "1377600",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
      },
      {
        "category": "external",
        "summary": "1384743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2493.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2 security update",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:15+00:00",
      "generator": {
        "date": "2024-12-29T18:20:15+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:2493",
      "initial_release_date": "2017-08-21T15:33:48+00:00",
      "revision_history": [
        {
          "date": "2017-08-21T15:33:48+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-08-21T15:33:48+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:15+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
                  "product_id": "6Server-JBEWS-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
                  "product_id": "7Server-JBEWS-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el7?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2635",
        "url": "https://access.redhat.com/errata/RHSA-2017:2635"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2635.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 6",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:27+00:00",
      "generator": {
        "date": "2025-02-02T20:02:27+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2635",
      "initial_release_date": "2017-09-05T15:07:46+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:07:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:07:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:27+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                  "product_id": "6Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 2.1.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2.1.2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2494",
        "url": "https://access.redhat.com/errata/RHSA-2017:2494"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/3155411",
        "url": "https://access.redhat.com/articles/3155411"
      },
      {
        "category": "external",
        "summary": "1377600",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
      },
      {
        "category": "external",
        "summary": "1384743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2494.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2 security update",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:21+00:00",
      "generator": {
        "date": "2024-12-29T18:20:21+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:2494",
      "initial_release_date": "2017-08-21T15:22:58+00:00",
      "revision_history": [
        {
          "date": "2017-08-21T15:22:58+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-08-21T15:22:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:21+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 2.1",
                "product": {
                  "name": "Red Hat JBoss Web Server 2.1",
                  "product_id": "Red Hat JBoss Web Server 2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2635",
        "url": "https://access.redhat.com/errata/RHSA-2017:2635"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2635.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 6",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:54+00:00",
      "generator": {
        "date": "2024-12-29T18:20:54+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:2635",
      "initial_release_date": "2017-09-05T15:07:46+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:07:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:07:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:54+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                  "product_id": "6Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
          "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
          "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:07:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2635"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6.src",
            "6Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6.src",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.noarch",
            "6Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in Tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1809",
        "url": "https://access.redhat.com/errata/RHSA-2017:1809"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1809.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat security update",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:25+00:00",
      "generator": {
        "date": "2024-12-29T18:20:25+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:1809",
      "initial_release_date": "2017-07-27T06:10:12+00:00",
      "revision_history": [
        {
          "date": "2017-07-27T06:10:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-27T06:10:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:25+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client (v. 7)",
                  "product_id": "7Client-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                  "product_id": "7Client-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
                  "product_id": "7ComputeNode-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
                  "product_id": "7ComputeNode-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                  "product_id": "7Workstation-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-0:7.0.69-12.el7_3.src",
                "product": {
                  "name": "tomcat-0:7.0.69-12.el7_3.src",
                  "product_id": "tomcat-0:7.0.69-12.el7_3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@7.0.69-12.el7_3?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-lib@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-webapps@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-27T06:10:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1809"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-27T06:10:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1809"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Web Server 2.1.2 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Web Server 2.1.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2.1.2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2493",
        "url": "https://access.redhat.com/errata/RHSA-2017:2493"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/3155411",
        "url": "https://access.redhat.com/articles/3155411"
      },
      {
        "category": "external",
        "summary": "1377600",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
      },
      {
        "category": "external",
        "summary": "1384743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2493.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2 security update",
    "tracking": {
      "current_release_date": "2025-01-09T05:37:24+00:00",
      "generator": {
        "date": "2025-01-09T05:37:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.5"
        }
      },
      "id": "RHSA-2017:2493",
      "initial_release_date": "2017-08-21T15:33:48+00:00",
      "revision_history": [
        {
          "date": "2017-08-21T15:33:48+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-08-21T15:33:48+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-09T05:37:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
                  "product_id": "6Server-JBEWS-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
                  "product_id": "7Server-JBEWS-2",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el6?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el7?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el7?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                "product": {
                  "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                  "product_id": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.0.2h-13.jbcs.el6?arch=i686\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_id": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-25_patch_05.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-17_patch_04.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-maven-devel@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_id": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.54-25_patch_05.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-log4j@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-maven-devel@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.41-17_patch_04.ep6.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 6 Server",
          "product_id": "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64 as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64"
        },
        "product_reference": "jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src"
        },
        "product_reference": "tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src"
        },
        "product_reference": "tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Web Server 2 for RHEL 7 Server",
          "product_id": "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEWS-2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
          "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
          "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
          "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
          "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
          "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
          "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:33:48+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted. After installing the updated packages, the httpd daemon will be restarted automatically.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2493"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.src",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.i686",
            "6Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el6.x86_64",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el6.src",
            "6Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el6.src",
            "6Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "6Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el6.noarch",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.src",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-debuginfo-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-devel-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-libs-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-perl-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:jbcs-httpd24-openssl-static-1:1.0.2h-13.jbcs.el7.x86_64",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-0:6.0.41-17_patch_04.ep6.el7.src",
            "7Server-JBEWS-2:tomcat6-admin-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-docs-webapp-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-el-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-javadoc-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-jsp-2.1-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-lib-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-log4j-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-maven-devel-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-servlet-2.5-api-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat6-webapps-0:6.0.41-17_patch_04.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-0:7.0.54-25_patch_05.ep6.el7.src",
            "7Server-JBEWS-2:tomcat7-admin-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-docs-webapp-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-el-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-javadoc-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-jsp-2.2-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-lib-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-log4j-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-maven-devel-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-servlet-3.0-api-0:7.0.54-25_patch_05.ep6.el7.noarch",
            "7Server-JBEWS-2:tomcat7-webapps-0:7.0.54-25_patch_05.ep6.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1801",
        "url": "https://access.redhat.com/errata/RHSA-2017:1801"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "JWS-657",
        "url": "https://issues.redhat.com/browse/JWS-657"
      },
      {
        "category": "external",
        "summary": "JWS-667",
        "url": "https://issues.redhat.com/browse/JWS-667"
      },
      {
        "category": "external",
        "summary": "JWS-695",
        "url": "https://issues.redhat.com/browse/JWS-695"
      },
      {
        "category": "external",
        "summary": "JWS-709",
        "url": "https://issues.redhat.com/browse/JWS-709"
      },
      {
        "category": "external",
        "summary": "JWS-716",
        "url": "https://issues.redhat.com/browse/JWS-716"
      },
      {
        "category": "external",
        "summary": "JWS-717",
        "url": "https://issues.redhat.com/browse/JWS-717"
      },
      {
        "category": "external",
        "summary": "JWS-725",
        "url": "https://issues.redhat.com/browse/JWS-725"
      },
      {
        "category": "external",
        "summary": "JWS-741",
        "url": "https://issues.redhat.com/browse/JWS-741"
      },
      {
        "category": "external",
        "summary": "JWS-760",
        "url": "https://issues.redhat.com/browse/JWS-760"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1801.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:37+00:00",
      "generator": {
        "date": "2024-12-29T18:20:37+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:1801",
      "initial_release_date": "2017-07-25T16:44:35+00:00",
      "revision_history": [
        {
          "date": "2017-07-25T16:44:35+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-25T16:44:35+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:37+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
                  "product_id": "7Server-JWS-3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
                  "product_id": "6Server-JWS-3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el7.src",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el7.src",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el7.src",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el7.src",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el6.src",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el6.src",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el6.src",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el6.src",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el6?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "cve": "CVE-2016-7056",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2017-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1412120"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: ECDSA P-256 timing attack key recovery",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to exploit this flaw, the attacker needs to be have local (shell) access to the machine where the message is being signed using the ECDSA algorithm with a P-256 elliptic curve key. Then using cache timing attacks (which needs precise timing), on multiple signature runs, the private key could be obtained. Based on the factor that exploitation is difficult, Red Hat Product Security Team has rated this flaw as having Moderate impact. A further security release may address this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "RHBZ#1412120",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412120"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-7056",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056"
        }
      ],
      "release_date": "2017-01-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: ECDSA P-256 timing attack key recovery"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-7674",
      "discovery_date": "2017-08-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1480618"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Vary header not added by CORS filter leading to cache poisoning",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "RHBZ#1480618",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7674",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        }
      ],
      "release_date": "2017-08-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Vary header not added by CORS filter leading to cache poisoning"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2637",
        "url": "https://access.redhat.com/errata/RHSA-2017:2637"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2637.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 5",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:47+00:00",
      "generator": {
        "date": "2024-12-29T18:20:47+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:2637",
      "initial_release_date": "2017-09-05T15:04:25+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:04:25+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:04:25+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:47+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
                  "product_id": "5Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2633",
        "url": "https://access.redhat.com/errata/RHSA-2017:2633"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2633.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update",
    "tracking": {
      "current_release_date": "2024-12-29T18:21:24+00:00",
      "generator": {
        "date": "2024-12-29T18:21:24+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:2633",
      "initial_release_date": "2017-09-05T14:32:20+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T14:32:20+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T14:32:20+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:21:24+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4",
                  "product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 2.1.2.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nApache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nThis release provides an update to OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.\n\nUsers of Red Hat JBoss Web Server 2.1.2 should upgrade to these updated packages, which resolve several security issues.\n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2494",
        "url": "https://access.redhat.com/errata/RHSA-2017:2494"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=2.1.2"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/articles/3155411",
        "url": "https://access.redhat.com/articles/3155411"
      },
      {
        "category": "external",
        "summary": "1377600",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
      },
      {
        "category": "external",
        "summary": "1384743",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2494.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 2 security update",
    "tracking": {
      "current_release_date": "2025-01-09T05:37:29+00:00",
      "generator": {
        "date": "2025-01-09T05:37:29+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.5"
        }
      },
      "id": "RHSA-2017:2494",
      "initial_release_date": "2017-08-21T15:22:58+00:00",
      "revision_history": [
        {
          "date": "2017-08-21T15:22:58+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-08-21T15:22:58+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-01-09T05:37:29+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 2.1",
                "product": {
                  "name": "Red Hat JBoss Web Server 2.1",
                  "product_id": "Red Hat JBoss Web Server 2.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 2.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-08-21T15:22:58+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2494"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 2.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2636",
        "url": "https://access.redhat.com/errata/RHSA-2017:2636"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2636.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 7",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:34+00:00",
      "generator": {
        "date": "2025-02-02T20:02:34+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2636",
      "initial_release_date": "2017-09-05T15:01:10+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:01:10+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:01:10+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:34+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
                  "product_id": "7Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2636",
        "url": "https://access.redhat.com/errata/RHSA-2017:2636"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2636.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 7",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:34+00:00",
      "generator": {
        "date": "2025-02-02T20:02:34+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2636",
      "initial_release_date": "2017-09-05T15:01:10+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:01:10+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:01:10+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:34+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
                  "product_id": "7Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2637",
        "url": "https://access.redhat.com/errata/RHSA-2017:2637"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2637.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 5",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:20+00:00",
      "generator": {
        "date": "2025-02-02T20:02:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2637",
      "initial_release_date": "2017-09-05T15:04:25+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:04:25+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:04:25+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
                  "product_id": "5Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el5?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el5?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5 Server",
          "product_id": "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
        "relates_to_product_reference": "5Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
          "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
          "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:04:25+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2637"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5.src",
            "5Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5.src",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5.src",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.noarch",
            "5Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2638",
        "url": "https://access.redhat.com/errata/RHSA-2017:2638"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2638.json"
      }
    ],
    "title": "Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:41+00:00",
      "generator": {
        "date": "2025-02-02T20:02:41+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2638",
      "initial_release_date": "2017-09-05T15:36:46+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:36:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:36:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:41+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                  "product_id": "6Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                "product": {
                  "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_id": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.17-1.Final_redhat_4.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                "product": {
                  "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_id": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.17-1.Final_redhat_4.ep6.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                "product": {
                  "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                  "product_id": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.17-1.Final_redhat_4.ep6.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        },
        "product_reference": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src"
        },
        "product_reference": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        },
        "product_reference": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2636",
        "url": "https://access.redhat.com/errata/RHSA-2017:2636"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2636.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update on RHEL 7",
    "tracking": {
      "current_release_date": "2024-12-29T18:21:00+00:00",
      "generator": {
        "date": "2024-12-29T18:21:00+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:2636",
      "initial_release_date": "2017-09-05T15:01:10+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:01:10+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:01:10+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:21:00+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
                  "product_id": "7Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el7?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossweb@7.5.24-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-vfs2@3.2.12-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ear@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-ejb@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-common@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-web@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata-appclient@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-metadata@7.2.3-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-marshalling@1.4.10-3.SP3_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-remote@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-core@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-cachestore-jdbc@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/infinispan-client-hotrod@5.2.22-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-entitymanager-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-envers-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-infinispan-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hibernate4-core-eap6@4.2.27-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-remoting3@3.3.10-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                  "product_id": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/hornetq@2.3.25-22.SP20_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-modules@1.3.10-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                  "product_id": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/apache-cxf@2.7.18-7.SP6_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-mapper-asl@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-jaxrs@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-xc@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                "product": {
                  "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_id": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/codehaus-jackson-core-asl@1.9.9-11.redhat_5.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_id": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-federation@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_id": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/picketlink-bindings@2.5.4-17.SP15_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_id": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-jboss-logmanager@1.1.4-1.Final_redhat_1.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-javadocs@7.5.17-4.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-webservices@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-client-all@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-repository@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-xts@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-service@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-modcluster@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-http@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-network@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cmp@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jacorb@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-platform-mbean@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jpa@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-naming@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-server@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ejb3@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-core-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-threads@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-controller-client@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-pojo@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-sar@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-osgi@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-weld@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-mail@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-configadmin@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-picketlink@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-protocol@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxrs@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-domain-management@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-logging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-host-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jaxr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jdr@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsr77@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-connector@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-cli@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-transactions@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-clustering@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-embedded@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-jsf@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-version@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-system-jmx@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-process-controller@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-deployment-scanner@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-ee-deployment@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-web@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-management-client-content@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-security@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-messaging@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-as-remoting@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-standalone@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-product-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-domain@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-appclient@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-welcome-content-eap@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-core@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-bundles@7.5.17-2.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                "product": {
                  "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                  "product_id": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jbossas-modules-eap@7.5.17-1.Final_redhat_4.1.ep6.el7?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src"
        },
        "product_reference": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch"
        },
        "product_reference": "codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src"
        },
        "product_reference": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7 Server",
          "product_id": "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        },
        "product_reference": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
          "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
          "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:01:10+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2636"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7.src",
            "7Server-JBEAP-6.4:codehaus-jackson-core-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-jaxrs-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-mapper-asl-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:codehaus-jackson-xc-0:1.9.9-11.redhat_5.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-core-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:hibernate4-entitymanager-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-envers-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hibernate4-infinispan-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:infinispan-cachestore-jdbc-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-cachestore-remote-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-client-hotrod-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:infinispan-core-0:5.2.22-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-metadata-appclient-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-common-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ear-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-ejb-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-metadata-web-0:7.2.3-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7.src",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.noarch",
            "7Server-JBEAP-6.4:picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7.src"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1801",
        "url": "https://access.redhat.com/errata/RHSA-2017:1801"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "JWS-657",
        "url": "https://issues.redhat.com/browse/JWS-657"
      },
      {
        "category": "external",
        "summary": "JWS-667",
        "url": "https://issues.redhat.com/browse/JWS-667"
      },
      {
        "category": "external",
        "summary": "JWS-695",
        "url": "https://issues.redhat.com/browse/JWS-695"
      },
      {
        "category": "external",
        "summary": "JWS-709",
        "url": "https://issues.redhat.com/browse/JWS-709"
      },
      {
        "category": "external",
        "summary": "JWS-716",
        "url": "https://issues.redhat.com/browse/JWS-716"
      },
      {
        "category": "external",
        "summary": "JWS-717",
        "url": "https://issues.redhat.com/browse/JWS-717"
      },
      {
        "category": "external",
        "summary": "JWS-725",
        "url": "https://issues.redhat.com/browse/JWS-725"
      },
      {
        "category": "external",
        "summary": "JWS-741",
        "url": "https://issues.redhat.com/browse/JWS-741"
      },
      {
        "category": "external",
        "summary": "JWS-760",
        "url": "https://issues.redhat.com/browse/JWS-760"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1801.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:10+00:00",
      "generator": {
        "date": "2025-02-02T20:02:10+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:1801",
      "initial_release_date": "2017-07-25T16:44:35+00:00",
      "revision_history": [
        {
          "date": "2017-07-25T16:44:35+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-25T16:44:35+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:10+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1 for RHEL 7",
                  "product_id": "7Server-JWS-3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1 for RHEL 6",
                  "product_id": "6Server-JWS-3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el7?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el6?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el7.src",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el7.src",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el7.src",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el7.src",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el7.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el7?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el6.src",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el6.src",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el6?arch=src"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el6.src",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el6.src",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-22.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                "product": {
                  "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                  "product_id": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-24.ep7.el7?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                "product": {
                  "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_id": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/log4j-eap6@1.2.16-12.redhat_3.1.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-webapps@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsp-2.3-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-servlet-3.1-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-selinux@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-el-2.2-api@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-docs-webapp@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-admin-webapps@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-javadoc@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-jsvc@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-lib@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                "product": {
                  "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                  "product_id": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat8-log4j@8.0.36-24.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-admin-webapps@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-el-2.2-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-lib@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsvc@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-docs-webapp@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-webapps@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-servlet-3.0-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-jsp-2.2-api@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-selinux@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-log4j@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                "product": {
                  "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                  "product_id": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat7-javadoc@7.0.70-22.ep7.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                "product": {
                  "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_id": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native@1.2.8-10.redhat_10.ep7.el6?arch=i686"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                "product": {
                  "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_id": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-native-debuginfo@1.2.8-10.redhat_10.ep7.el6?arch=i686"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el6.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el6.src",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 6",
          "product_id": "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch"
        },
        "product_reference": "tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
        "relates_to_product_reference": "6Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src"
        },
        "product_reference": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64"
        },
        "product_reference": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64 as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64"
        },
        "product_reference": "tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-0:7.0.70-22.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src"
        },
        "product_reference": "tomcat7-0:7.0.70-22.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch"
        },
        "product_reference": "tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-0:8.0.36-24.ep7.el7.src as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src"
        },
        "product_reference": "tomcat8-0:8.0.36-24.ep7.el7.src",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch as a component of Red Hat JBoss Web Server 3.1 for RHEL 7",
          "product_id": "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        },
        "product_reference": "tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch",
        "relates_to_product_reference": "7Server-JWS-3.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "cve": "CVE-2016-7056",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2017-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1412120"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: ECDSA P-256 timing attack key recovery",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to exploit this flaw, the attacker needs to be have local (shell) access to the machine where the message is being signed using the ECDSA algorithm with a P-256 elliptic curve key. Then using cache timing attacks (which needs precise timing), on multiple signature runs, the private key could be obtained. Based on the factor that exploitation is difficult, Red Hat Product Security Team has rated this flaw as having Moderate impact. A further security release may address this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "RHBZ#1412120",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412120"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-7056",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056"
        }
      ],
      "release_date": "2017-01-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: ECDSA P-256 timing attack key recovery"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-7674",
      "discovery_date": "2017-08-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1480618"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Vary header not added by CORS filter leading to cache poisoning",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "RHBZ#1480618",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7674",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        }
      ],
      "release_date": "2017-08-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Vary header not added by CORS filter leading to cache poisoning"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
          "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
          "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
          "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
          "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
          "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
          "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
          "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
          "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
          "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
          "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
          "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T16:44:35+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1801"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.noarch",
            "6Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.src",
            "6Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.i686",
            "6Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el6.x86_64",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el6.src",
            "6Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el6.src",
            "6Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el6.noarch",
            "6Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el6.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.noarch",
            "7Server-JWS-3.1:log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.src",
            "7Server-JWS-3.1:tomcat-native-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat-native-debuginfo-0:1.2.8-10.redhat_10.ep7.el7.x86_64",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-0:7.0.70-22.ep7.el7.src",
            "7Server-JWS-3.1:tomcat7-admin-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-docs-webapp-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-el-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-javadoc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsp-2.2-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-jsvc-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-lib-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-log4j-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-selinux-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-servlet-3.0-api-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat7-webapps-0:7.0.70-22.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-0:8.0.36-24.ep7.el7.src",
            "7Server-JWS-3.1:tomcat8-admin-webapps-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-docs-webapp-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-el-2.2-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-javadoc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsp-2.3-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-jsvc-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-lib-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-log4j-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-selinux-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-servlet-3.1-api-0:8.0.36-24.ep7.el7.noarch",
            "7Server-JWS-3.1:tomcat8-webapps-0:8.0.36-24.ep7.el7.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in Tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1809",
        "url": "https://access.redhat.com/errata/RHSA-2017:1809"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1809.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat security update",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:25+00:00",
      "generator": {
        "date": "2024-12-29T18:20:25+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:1809",
      "initial_release_date": "2017-07-27T06:10:12+00:00",
      "revision_history": [
        {
          "date": "2017-07-27T06:10:12+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-27T06:10:12+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:25+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client (v. 7)",
                  "product_id": "7Client-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Client Optional (v. 7)",
                  "product_id": "7Client-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode (v. 7)",
                  "product_id": "7ComputeNode-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
                  "product_id": "7ComputeNode-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 7)",
                  "product_id": "7Server-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 7)",
                  "product_id": "7Server-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 7)",
                  "product_id": "7Workstation-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
                  "product_id": "7Workstation-optional-7.3.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-0:7.0.69-12.el7_3.src",
                "product": {
                  "name": "tomcat-0:7.0.69-12.el7_3.src",
                  "product_id": "tomcat-0:7.0.69-12.el7_3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@7.0.69-12.el7_3?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-admin-webapps@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-lib@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-webapps@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-servlet-3.0-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-el-2.2-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsp-2.2-api@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-javadoc@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-jsvc@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                "product": {
                  "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                  "product_id": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat-docs-webapp@7.0.69-12.el7_3?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client (v. 7)",
          "product_id": "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
          "product_id": "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Client-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode (v. 7)",
          "product_id": "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
          "product_id": "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7ComputeNode-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
          "product_id": "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
          "product_id": "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Server-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
          "product_id": "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-0:7.0.69-12.el7_3.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src"
        },
        "product_reference": "tomcat-0:7.0.69-12.el7_3.src",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-lib-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-lib-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat-webapps-0:7.0.69-12.el7_3.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
          "product_id": "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        },
        "product_reference": "tomcat-webapps-0:7.0.69-12.el7_3.noarch",
        "relates_to_product_reference": "7Workstation-optional-7.3.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-27T06:10:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1809"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
          "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
          "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-27T06:10:12+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1809"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Client-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Client-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7ComputeNode-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7ComputeNode-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Server-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Server-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-0:7.0.69-12.el7_3.src",
            "7Workstation-optional-7.3.Z:tomcat-admin-webapps-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-docs-webapp-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-el-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-javadoc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsp-2.2-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-jsvc-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-lib-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-servlet-3.0-api-0:7.0.69-12.el7_3.noarch",
            "7Workstation-optional-7.3.Z:tomcat-webapps-0:7.0.69-12.el7_3.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for jboss-ec2-eap is now available for Red Hat JBoss Enterprise Application Platform 6.4 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2).\n\nWith this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.17.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2638",
        "url": "https://access.redhat.com/errata/RHSA-2017:2638"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2638.json"
      }
    ],
    "title": "Red Hat Security Advisory: jboss-ec2-eap security, bug fix, and enhancement update",
    "tracking": {
      "current_release_date": "2025-02-02T20:02:41+00:00",
      "generator": {
        "date": "2025-02-02T20:02:41+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2638",
      "initial_release_date": "2017-09-05T15:36:46+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T15:36:46+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T15:36:46+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:02:41+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
                  "product_id": "6Server-JBEAP-6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                "product": {
                  "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_id": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap-samples@7.5.17-1.Final_redhat_4.ep6.el6?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                "product": {
                  "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_id": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.17-1.Final_redhat_4.ep6.el6?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                "product": {
                  "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                  "product_id": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/jboss-ec2-eap@7.5.17-1.Final_redhat_4.ep6.el6?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        },
        "product_reference": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src"
        },
        "product_reference": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch as a component of Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6 Server",
          "product_id": "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        },
        "product_reference": "jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
        "relates_to_product_reference": "6Server-JBEAP-6.4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
          "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
          "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T15:36:46+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2638"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch",
            "6Server-JBEAP-6.4:jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6.src",
            "6Server-JBEAP-6.4:jboss-ec2-eap-samples-0:7.5.17-1.Final_redhat_4.ep6.el6.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Enterprise Application Platform 6.4.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server.\n\nThis release of Red Hat JBoss Enterprise Application Platform 6.4.17 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.16, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-7525)\n\nRed Hat would like to thank Liao Xinxi (NSFOCUS) for reporting CVE-2017-7525.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:2633",
        "url": "https://access.redhat.com/errata/RHSA-2017:2633"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/",
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=6.4"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1462702",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2633.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.17 update",
    "tracking": {
      "current_release_date": "2025-02-02T20:03:01+00:00",
      "generator": {
        "date": "2025-02-02T20:03:01+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.6"
        }
      },
      "id": "RHSA-2017:2633",
      "initial_release_date": "2017-09-05T14:32:20+00:00",
      "revision_history": [
        {
          "date": "2017-09-05T14:32:20+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-09-05T14:32:20+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-02-02T20:03:01+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Enterprise Application Platform 6.4",
                "product": {
                  "name": "Red Hat JBoss Enterprise Application Platform 6.4",
                  "product_id": "Red Hat JBoss Enterprise Application Platform 6.4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Enterprise Application Platform"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Liao Xinxi"
          ],
          "organization": "NSFOCUS"
        }
      ],
      "cve": "CVE-2017-7525",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-06-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1462702"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "RHBZ#1462702",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
        }
      ],
      "release_date": "2017-07-14T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Enterprise Application Platform 6.4"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-09-05T14:32:20+00:00",
          "details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:2633"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss Enterprise Application Platform 6.4"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update is now available for Red Hat JBoss Web Server 3.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library.\n\nThis release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:1802",
        "url": "https://access.redhat.com/errata/RHSA-2017:1802"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1",
        "url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=webserver\u0026downloadType=securityPatches\u0026version=3.1"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.1_Release_Notes/index.html",
        "url": "https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Web_Server/3/html-single/3.1_Release_Notes/index.html"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/vulnerabilities/httpoxy",
        "url": "https://access.redhat.com/security/vulnerabilities/httpoxy"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/solutions/2435491",
        "url": "https://access.redhat.com/solutions/2435491"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1441223",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
      },
      {
        "category": "external",
        "summary": "1443635",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_1802.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat JBoss Web Server Service Pack 1 security update",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:43+00:00",
      "generator": {
        "date": "2024-12-29T18:20:43+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:1802",
      "initial_release_date": "2017-07-25T17:46:13+00:00",
      "revision_history": [
        {
          "date": "2017-07-25T17:46:13+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-07-25T17:46:13+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:43+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat JBoss Web Server 3.1",
                "product": {
                  "name": "Red Hat JBoss Web Server 3.1",
                  "product_id": "Red Hat JBoss Web Server 3.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat JBoss Web Server"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "the OpenSSL project"
          ]
        },
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc.",
          "summary": "Acknowledged by upstream."
        }
      ],
      "cve": "CVE-2016-6304",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2016-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1377600"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: OCSP Status Request extension unbounded memory growth",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "TLS server applications using OpenSSL versions in Red Hat Enterprise Linux 6 and 7 are only affected if they enable OCSP stapling support. Applications not enabling OCSP stapling support are not affected. Few applications implement OCSP stapling support and typically do not enable it by default.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "RHBZ#1377600",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1377600"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-6304",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6304"
        },
        {
          "category": "external",
          "summary": "https://www.openssl.org/news/secadv/20160922.txt",
          "url": "https://www.openssl.org/news/secadv/20160922.txt"
        }
      ],
      "release_date": "2016-09-22T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "openssl: OCSP Status Request extension unbounded memory growth"
    },
    {
      "cve": "CVE-2016-7056",
      "cwe": {
        "id": "CWE-385",
        "name": "Covert Timing Channel"
      },
      "discovery_date": "2017-01-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1412120"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openssl: ECDSA P-256 timing attack key recovery",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "In order to exploit this flaw, the attacker needs to be have local (shell) access to the machine where the message is being signed using the ECDSA algorithm with a P-256 elliptic curve key. Then using cache timing attacks (which needs precise timing), on multiple signature runs, the private key could be obtained. Based on the factor that exploitation is difficult, Red Hat Product Security Team has rated this flaw as having Moderate impact. A further security release may address this flaw.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "RHBZ#1412120",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1412120"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-7056",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-7056"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7056"
        }
      ],
      "release_date": "2017-01-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openssl: ECDSA P-256 timing attack key recovery"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Shi Lei"
          ],
          "organization": "Gear Team of Qihoo 360 Inc."
        }
      ],
      "cve": "CVE-2016-8610",
      "discovery_date": "2016-10-14T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1384743"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue. This issue has been rated as having a security impact of Moderate. It requires an attacker to send a very large amount of SSL ALERT messages to the host network connection. This issue can also be mitigated by configuring firewalls to limit the number of connections per IP address, or use deep packet inspection to reject these type of alert packets. A future update may address this issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "RHBZ#1384743",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1384743"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2016-8610",
          "url": "https://www.cve.org/CVERecord?id=CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-8610"
        },
        {
          "category": "external",
          "summary": "http://security.360.cn/cve/CVE-2016-8610",
          "url": "http://security.360.cn/cve/CVE-2016-8610"
        }
      ],
      "release_date": "2016-10-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "SSL/TLS: Malformed plain-text ALERT packets could cause remote DoS"
    },
    {
      "cve": "CVE-2017-5645",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2017-04-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1443635"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: Socket receiver deserialization vulnerability",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "RHBZ#1443635",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5645",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5645"
        }
      ],
      "release_date": "2017-04-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: Socket receiver deserialization vulnerability"
    },
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5648",
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441223"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Calls to application listeners did not use the appropriate facade object",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441223",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441223"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5648",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5648"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5648"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Calls to application listeners did not use the appropriate facade object"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-7674",
      "discovery_date": "2017-08-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1480618"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where the CORS Filter did not send a \"Vary: Origin\" HTTP header. This potentially allowed sensitive data to be leaked to other visitors through both client-side and server-side caches.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Vary header not added by CORS filter leading to cache poisoning",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "RHBZ#1480618",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1480618"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-7674",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7674"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        }
      ],
      "release_date": "2017-08-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "tomcat: Vary header not added by CORS filter leading to cache poisoning"
    },
    {
      "cve": "CVE-2019-17571",
      "cwe": {
        "id": "CWE-502",
        "name": "Deserialization of Untrusted Data"
      },
      "discovery_date": "2019-12-20T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1785616"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Log4j, where a vulnerable SocketServer class may lead to the deserialization of untrusted data. This flaw allows an attacker to remotely execute arbitrary code when combined with a deserialization gadget.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "log4j: deserialization of untrusted data in SocketServer",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is the same issue as CVE-2017-5645. MITRE has CVE-2017-5645 to a similar flaw found in log4j-2.x. The flaw found in log4j-1.2 has been assigned CVE-2019-17571. CVE-2019-17571 has been addressed in Red Hat Enterprise Linux via RHSA-2017:2423.\nAlso the rh-java-common-log4j package shipped with Red Hat Software Collections was addressed via RHSA-2017:1417\n\nIn Satellite 5.8, although the version of log4j as shipped in the nutch package is affected, nutch does not load any of the SocketServer classes from log4j. Satellite 5 is considered not vulnerable to this flaw since the affected code can not be reached.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat JBoss Web Server 3.1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "RHBZ#1785616",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1785616"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2019-17571",
          "url": "https://www.cve.org/CVERecord?id=CVE-2019-17571"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-17571"
        }
      ],
      "release_date": "2019-12-20T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-07-25T17:46:13+00:00",
          "details": "Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:1802"
        },
        {
          "category": "workaround",
          "details": "Please note that the Log4j upstream strongly recommends against using the SerializedLayout with the SocketAppenders. Customers may mitigate this issue by removing the SocketServer class outright; or if they must continue to use SocketAppenders, they can modify their SocketAppender configuration from SerializedLayout to use JsonLayout instead. An example of this in log4j-server.properties might look like this:\n\nlog4j.appender.file.layout=org.apache.log4j.JsonLayout",
          "product_ids": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat JBoss Web Server 3.1"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "log4j: deserialization of untrusted data in SocketServer"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for tomcat6 is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies.\n\nSecurity Fix(es):\n\n* A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647)\n\n* A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution. (CVE-2017-12615, CVE-2017-12617)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2017:3080",
        "url": "https://access.redhat.com/errata/RHSA-2017:3080"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "1441205",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
      },
      {
        "category": "external",
        "summary": "1459158",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "category": "external",
        "summary": "1461851",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1461851"
      },
      {
        "category": "external",
        "summary": "1493220",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
      },
      {
        "category": "external",
        "summary": "1494283",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3080.json"
      }
    ],
    "title": "Red Hat Security Advisory: tomcat6 security update",
    "tracking": {
      "current_release_date": "2024-12-29T18:20:19+00:00",
      "generator": {
        "date": "2024-12-29T18:20:19+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.2.4"
        }
      },
      "id": "RHSA-2017:3080",
      "initial_release_date": "2017-10-30T00:15:02+00:00",
      "revision_history": [
        {
          "date": "2017-10-30T00:15:02+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2017-10-30T00:15:02+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2024-12-29T18:20:19+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
                  "product_id": "6Client-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::client"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
                  "product_id": "6ComputeNode-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server (v. 6)",
                  "product_id": "6Server-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Server Optional (v. 6)",
                  "product_id": "6Server-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::server"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation (v. 6)",
                  "product_id": "6Workstation-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                "product": {
                  "name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
                  "product_id": "6Workstation-optional-6.9.z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-jsp-2.1-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-javadoc@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-servlet-2.5-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-el-2.1-api@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-webapps@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-lib@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-admin-webapps@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                "product": {
                  "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                  "product_id": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6-docs-webapp@6.0.24-111.el6_9?arch=noarch"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "tomcat6-0:6.0.24-111.el6_9.src",
                "product": {
                  "name": "tomcat6-0:6.0.24-111.el6_9.src",
                  "product_id": "tomcat6-0:6.0.24-111.el6_9.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/tomcat6@6.0.24-111.el6_9?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
          "product_id": "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Client-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
          "product_id": "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6ComputeNode-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
          "product_id": "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
          "product_id": "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Server-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
          "product_id": "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-0:6.0.24-111.el6_9.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src"
        },
        "product_reference": "tomcat6-0:6.0.24-111.el6_9.src",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-lib-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-lib-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
          "product_id": "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        },
        "product_reference": "tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
        "relates_to_product_reference": "6Workstation-optional-6.9.z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-5647",
      "cwe": {
        "id": "CWE-200",
        "name": "Exposure of Sensitive Information to an Unauthorized Actor"
      },
      "discovery_date": "2017-04-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1441205"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat\u0027s handling of pipelined requests when \"Sendfile\" was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Incorrect handling of pipelined requests when send file was used",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "RHBZ#1441205",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1441205"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5647",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5647"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5647"
        }
      ],
      "release_date": "2017-04-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "The AJP connector does not support the sendfile capability.  A server configured to only use the AJP connector (disable HTTP Connector) is not affected by this vulnerability.\n\nDisable the sendfile capability by setting useSendfile=\"false\" in the HTTP connector configuration.  Note: Disabling sendfile, may impact performance on large files.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Incorrect handling of pipelined requests when send file was used"
    },
    {
      "cve": "CVE-2017-5664",
      "cwe": {
        "id": "CWE-266",
        "name": "Incorrect Privilege Assignment"
      },
      "discovery_date": "2017-06-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1459158"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in the error page mechanism in Tomcat\u0027s DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Security constrained bypass in error page mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw can be triggered for static error pages only if the readonly property for the DefaultServlet is set to false in the $CATALINA_HOME/conf/web.xml file.  The default for readonly is true.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "RHBZ#1459158",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-5664",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15",
          "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
        }
      ],
      "release_date": "2017-06-06T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "If it is necessary to have the DefaultServlet property readonly=false, use a jsp error page, for example Error404.jsp rather than a static html error page. Alternatively do not specify an error-page in the Deployment Descriptor and use a custom ErrorReportValve.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Security constrained bypass in error page mechanism"
    },
    {
      "cve": "CVE-2017-12615",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-09-19T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1493220"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Remote Code Execution via JSP Upload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "RHBZ#1493220",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1493220"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12615",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12615"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81",
          "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.81"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2017-09-19T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Remote Code Execution via JSP Upload"
    },
    {
      "cve": "CVE-2017-12617",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2017-09-21T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "1494283"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered in Tomcat where if a servlet context was configured with readonly=false and HTTP PUT requests were allowed, an attacker could upload a JSP file to that context and achieve code execution.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tomcat: Remote Code Execution bypass for CVE-2017-12615",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw affects Tomcat on Red Hat Enterprise Linux only when a specific context is configured with readonly=false. The default configuration has a readonly context, so it is not affected.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
          "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
          "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "RHBZ#1494283",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494283"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2017-12617",
          "url": "https://www.cve.org/CVERecord?id=CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12617"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-7.html",
          "url": "https://tomcat.apache.org/security-7.html"
        },
        {
          "category": "external",
          "summary": "https://tomcat.apache.org/security-8.html",
          "url": "https://tomcat.apache.org/security-8.html"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
          "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        }
      ],
      "release_date": "2017-09-21T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2017-10-30T00:15:02+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2017:3080"
        },
        {
          "category": "workaround",
          "details": "Ensure that readonly is set to true (the default) for the DefaultServlet, WebDAV servlet or application context.\n\nBlock HTTP methods that permit resource modification for untrusted users.",
          "product_ids": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Client-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Client-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6ComputeNode-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6ComputeNode-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Server-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Server-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-0:6.0.24-111.el6_9.src",
            "6Workstation-optional-6.9.z:tomcat6-admin-webapps-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-docs-webapp-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-el-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-javadoc-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-jsp-2.1-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-lib-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-servlet-2.5-api-0:6.0.24-111.el6_9.noarch",
            "6Workstation-optional-6.9.z:tomcat6-webapps-0:6.0.24-111.el6_9.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "exploit_status",
          "date": "2022-03-25T00:00:00+00:00",
          "details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
        },
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tomcat: Remote Code Execution bypass for CVE-2017-12615"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Data Protection Advisor ist eine Monitoring L\u00f6sung. Der Collector ist der lokale Agent.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Dell Data Protection Advisor ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Berechtigungen zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0528 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0528.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0528 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0528"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-107 vom 2024-02-29",
        "url": "https://www.dell.com/support/kbdoc/000222618/dsa-2024-="
      }
    ],
    "source_lang": "en-US",
    "title": "Dell Data Protection Advisor: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-29T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:05:58.480+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0528",
      "initial_release_date": "2024-02-29T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-29T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 19.10",
                "product": {
                  "name": "Dell Data Protection Advisor \u003c 19.10",
                  "product_id": "T033198"
                }
              }
            ],
            "category": "product_name",
            "name": "Data Protection Advisor"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-45648",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-45648"
    },
    {
      "cve": "CVE-2023-42795",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-42795"
    },
    {
      "cve": "CVE-2023-41080",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-41080"
    },
    {
      "cve": "CVE-2023-34055",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-28708",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-28708"
    },
    {
      "cve": "CVE-2023-28154",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-28154"
    },
    {
      "cve": "CVE-2023-22081",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-22081"
    },
    {
      "cve": "CVE-2023-22067",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-22067"
    },
    {
      "cve": "CVE-2023-22025",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-22025"
    },
    {
      "cve": "CVE-2023-20883",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-20883"
    },
    {
      "cve": "CVE-2023-20873",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-20873"
    },
    {
      "cve": "CVE-2023-20863",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-20863"
    },
    {
      "cve": "CVE-2023-20861",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-20861"
    },
    {
      "cve": "CVE-2022-46175",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-46175"
    },
    {
      "cve": "CVE-2022-41854",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-41854"
    },
    {
      "cve": "CVE-2022-38752",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-38752"
    },
    {
      "cve": "CVE-2022-38751",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-38751"
    },
    {
      "cve": "CVE-2022-38750",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-38750"
    },
    {
      "cve": "CVE-2022-38749",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-38749"
    },
    {
      "cve": "CVE-2022-37603",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-37603"
    },
    {
      "cve": "CVE-2022-37601",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-37601"
    },
    {
      "cve": "CVE-2022-37599",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-37599"
    },
    {
      "cve": "CVE-2022-31129",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-31129"
    },
    {
      "cve": "CVE-2022-27772",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-27772"
    },
    {
      "cve": "CVE-2022-25881",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-25881"
    },
    {
      "cve": "CVE-2022-25858",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-25858"
    },
    {
      "cve": "CVE-2022-22971",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22971"
    },
    {
      "cve": "CVE-2022-22970",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22970"
    },
    {
      "cve": "CVE-2022-22968",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22968"
    },
    {
      "cve": "CVE-2022-22965",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22965"
    },
    {
      "cve": "CVE-2022-22950",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22950"
    },
    {
      "cve": "CVE-2021-43980",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2021-43980"
    },
    {
      "cve": "CVE-2021-33037",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-30640",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2020-5421",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-5421"
    },
    {
      "cve": "CVE-2020-1938",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-1938"
    },
    {
      "cve": "CVE-2020-1935",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-1935"
    },
    {
      "cve": "CVE-2020-13943",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-13943"
    },
    {
      "cve": "CVE-2020-13935",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-13935"
    },
    {
      "cve": "CVE-2020-13934",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-13934"
    },
    {
      "cve": "CVE-2020-11996",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-11996"
    },
    {
      "cve": "CVE-2019-2684",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-2684"
    },
    {
      "cve": "CVE-2019-17563",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-17563"
    },
    {
      "cve": "CVE-2019-12418",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-12418"
    },
    {
      "cve": "CVE-2019-10072",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-10072"
    },
    {
      "cve": "CVE-2019-0232",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-0232"
    },
    {
      "cve": "CVE-2019-0221",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-0221"
    },
    {
      "cve": "CVE-2019-0199",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-0199"
    },
    {
      "cve": "CVE-2018-8037",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-8037"
    },
    {
      "cve": "CVE-2018-8034",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-8034"
    },
    {
      "cve": "CVE-2018-8014",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-8014"
    },
    {
      "cve": "CVE-2018-15756",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-15756"
    },
    {
      "cve": "CVE-2018-1336",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1336"
    },
    {
      "cve": "CVE-2018-1305",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1305"
    },
    {
      "cve": "CVE-2018-1304",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1304"
    },
    {
      "cve": "CVE-2018-1275",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1275"
    },
    {
      "cve": "CVE-2018-1272",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1272"
    },
    {
      "cve": "CVE-2018-1271",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1271"
    },
    {
      "cve": "CVE-2018-1270",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1270"
    },
    {
      "cve": "CVE-2018-1257",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1257"
    },
    {
      "cve": "CVE-2018-1199",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1199"
    },
    {
      "cve": "CVE-2018-1196",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1196"
    },
    {
      "cve": "CVE-2018-11784",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-11784"
    },
    {
      "cve": "CVE-2018-11040",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-11040"
    },
    {
      "cve": "CVE-2018-11039",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-11039"
    },
    {
      "cve": "CVE-2017-8046",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-8046"
    },
    {
      "cve": "CVE-2017-7675",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-7675"
    },
    {
      "cve": "CVE-2017-7674",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-7674"
    },
    {
      "cve": "CVE-2017-5664",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5664"
    },
    {
      "cve": "CVE-2017-5651",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5651"
    },
    {
      "cve": "CVE-2017-5650",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5650"
    },
    {
      "cve": "CVE-2017-5648",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5648"
    },
    {
      "cve": "CVE-2017-5647",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5647"
    },
    {
      "cve": "CVE-2017-18640",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-18640"
    },
    {
      "cve": "CVE-2017-12617",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-12617"
    },
    {
      "cve": "CVE-2016-9878",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-9878"
    },
    {
      "cve": "CVE-2016-8745",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-8745"
    },
    {
      "cve": "CVE-2016-8735",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-8735"
    },
    {
      "cve": "CVE-2016-6817",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-6817"
    },
    {
      "cve": "CVE-2016-6816",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-6816"
    }
  ]
}

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Data Protection Advisor ist eine Monitoring L\u00f6sung. Der Collector ist der lokale Agent.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Dell Data Protection Advisor ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Berechtigungen zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0528 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0528.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0528 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0528"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2024-107 vom 2024-02-29",
        "url": "https://www.dell.com/support/kbdoc/000222618/dsa-2024-="
      }
    ],
    "source_lang": "en-US",
    "title": "Dell Data Protection Advisor: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-02-29T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:05:58.480+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0528",
      "initial_release_date": "2024-02-29T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-02-29T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c 19.10",
                "product": {
                  "name": "Dell Data Protection Advisor \u003c 19.10",
                  "product_id": "T033198"
                }
              }
            ],
            "category": "product_name",
            "name": "Data Protection Advisor"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-45648",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-45648"
    },
    {
      "cve": "CVE-2023-42795",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-42795"
    },
    {
      "cve": "CVE-2023-41080",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-41080"
    },
    {
      "cve": "CVE-2023-34055",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-34055"
    },
    {
      "cve": "CVE-2023-28708",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-28708"
    },
    {
      "cve": "CVE-2023-28154",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-28154"
    },
    {
      "cve": "CVE-2023-22081",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-22081"
    },
    {
      "cve": "CVE-2023-22067",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-22067"
    },
    {
      "cve": "CVE-2023-22025",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-22025"
    },
    {
      "cve": "CVE-2023-20883",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-20883"
    },
    {
      "cve": "CVE-2023-20873",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-20873"
    },
    {
      "cve": "CVE-2023-20863",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-20863"
    },
    {
      "cve": "CVE-2023-20861",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2023-20861"
    },
    {
      "cve": "CVE-2022-46175",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-46175"
    },
    {
      "cve": "CVE-2022-41854",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-41854"
    },
    {
      "cve": "CVE-2022-38752",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-38752"
    },
    {
      "cve": "CVE-2022-38751",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-38751"
    },
    {
      "cve": "CVE-2022-38750",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-38750"
    },
    {
      "cve": "CVE-2022-38749",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-38749"
    },
    {
      "cve": "CVE-2022-37603",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-37603"
    },
    {
      "cve": "CVE-2022-37601",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-37601"
    },
    {
      "cve": "CVE-2022-37599",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-37599"
    },
    {
      "cve": "CVE-2022-31129",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-31129"
    },
    {
      "cve": "CVE-2022-27772",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-27772"
    },
    {
      "cve": "CVE-2022-25881",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-25881"
    },
    {
      "cve": "CVE-2022-25858",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-25858"
    },
    {
      "cve": "CVE-2022-22971",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22971"
    },
    {
      "cve": "CVE-2022-22970",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22970"
    },
    {
      "cve": "CVE-2022-22968",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22968"
    },
    {
      "cve": "CVE-2022-22965",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22965"
    },
    {
      "cve": "CVE-2022-22950",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2022-22950"
    },
    {
      "cve": "CVE-2021-43980",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2021-43980"
    },
    {
      "cve": "CVE-2021-33037",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2021-33037"
    },
    {
      "cve": "CVE-2021-30640",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2021-30640"
    },
    {
      "cve": "CVE-2020-5421",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-5421"
    },
    {
      "cve": "CVE-2020-1938",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-1938"
    },
    {
      "cve": "CVE-2020-1935",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-1935"
    },
    {
      "cve": "CVE-2020-13943",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-13943"
    },
    {
      "cve": "CVE-2020-13935",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-13935"
    },
    {
      "cve": "CVE-2020-13934",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-13934"
    },
    {
      "cve": "CVE-2020-11996",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2020-11996"
    },
    {
      "cve": "CVE-2019-2684",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-2684"
    },
    {
      "cve": "CVE-2019-17563",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-17563"
    },
    {
      "cve": "CVE-2019-12418",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-12418"
    },
    {
      "cve": "CVE-2019-10072",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-10072"
    },
    {
      "cve": "CVE-2019-0232",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-0232"
    },
    {
      "cve": "CVE-2019-0221",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-0221"
    },
    {
      "cve": "CVE-2019-0199",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2019-0199"
    },
    {
      "cve": "CVE-2018-8037",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-8037"
    },
    {
      "cve": "CVE-2018-8034",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-8034"
    },
    {
      "cve": "CVE-2018-8014",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-8014"
    },
    {
      "cve": "CVE-2018-15756",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-15756"
    },
    {
      "cve": "CVE-2018-1336",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1336"
    },
    {
      "cve": "CVE-2018-1305",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1305"
    },
    {
      "cve": "CVE-2018-1304",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1304"
    },
    {
      "cve": "CVE-2018-1275",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1275"
    },
    {
      "cve": "CVE-2018-1272",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1272"
    },
    {
      "cve": "CVE-2018-1271",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1271"
    },
    {
      "cve": "CVE-2018-1270",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1270"
    },
    {
      "cve": "CVE-2018-1257",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1257"
    },
    {
      "cve": "CVE-2018-1199",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1199"
    },
    {
      "cve": "CVE-2018-1196",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-1196"
    },
    {
      "cve": "CVE-2018-11784",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-11784"
    },
    {
      "cve": "CVE-2018-11040",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-11040"
    },
    {
      "cve": "CVE-2018-11039",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2018-11039"
    },
    {
      "cve": "CVE-2017-8046",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-8046"
    },
    {
      "cve": "CVE-2017-7675",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-7675"
    },
    {
      "cve": "CVE-2017-7674",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-7674"
    },
    {
      "cve": "CVE-2017-5664",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5664"
    },
    {
      "cve": "CVE-2017-5651",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5651"
    },
    {
      "cve": "CVE-2017-5650",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5650"
    },
    {
      "cve": "CVE-2017-5648",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5648"
    },
    {
      "cve": "CVE-2017-5647",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-5647"
    },
    {
      "cve": "CVE-2017-18640",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-18640"
    },
    {
      "cve": "CVE-2017-12617",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2017-12617"
    },
    {
      "cve": "CVE-2016-9878",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-9878"
    },
    {
      "cve": "CVE-2016-8745",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-8745"
    },
    {
      "cve": "CVE-2016-8735",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-8735"
    },
    {
      "cve": "CVE-2016-6817",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-6817"
    },
    {
      "cve": "CVE-2016-6816",
      "notes": [
        {
          "category": "description",
          "text": "Es bestehen mehrere Schwachstellen in Dell Data Protection Advisor. Diese Fehler bestehen in den Komponenten von Drittanbietern wie Apache Tomcat, Java SE oder Spring Framework und anderen aufgrund mehrerer sicherheitsrelevanter Probleme. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Code auszuf\u00fchren, einen Denial-of-Service-Zustand herbeizuf\u00fchren, Dateien zu manipulieren, vertrauliche Informationen offenzulegen, seine Rechte zu erweitern oder einen nicht spezifizierten Angriff durchzuf\u00fchren."
        }
      ],
      "release_date": "2024-02-29T23:00:00.000+00:00",
      "title": "CVE-2016-6816"
    }
  ]
}

{
  "GSD": {
    "alias": "CVE-2017-5664",
    "description": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method.",
    "id": "GSD-2017-5664",
    "references": [
      "https://www.suse.com/security/cve/CVE-2017-5664.html",
      "https://www.debian.org/security/2017/dsa-3891",
      "https://www.debian.org/security/2017/dsa-3892",
      "https://access.redhat.com/errata/RHSA-2017:3080",
      "https://access.redhat.com/errata/RHSA-2017:2638",
      "https://access.redhat.com/errata/RHSA-2017:2637",
      "https://access.redhat.com/errata/RHSA-2017:2636",
      "https://access.redhat.com/errata/RHSA-2017:2635",
      "https://access.redhat.com/errata/RHSA-2017:2633",
      "https://access.redhat.com/errata/RHSA-2017:2494",
      "https://access.redhat.com/errata/RHSA-2017:2493",
      "https://access.redhat.com/errata/RHSA-2017:1809",
      "https://access.redhat.com/errata/RHSA-2017:1802",
      "https://access.redhat.com/errata/RHSA-2017:1801",
      "https://ubuntu.com/security/CVE-2017-5664",
      "https://advisories.mageia.org/CVE-2017-5664.html",
      "https://security.archlinux.org/CVE-2017-5664",
      "https://alas.aws.amazon.com/cve/html/CVE-2017-5664.html",
      "https://linux.oracle.com/cve/CVE-2017-5664.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2017-5664"
      ],
      "details": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method.",
      "id": "GSD-2017-5664",
      "modified": "2023-12-13T01:21:13.324116Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@apache.org",
        "ID": "CVE-2017-5664",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Apache Tomcat",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "9.0.0.M1 to 9.0.0.M20"
                        },
                        {
                          "version_value": "8.5.0 to 8.5.14"
                        },
                        {
                          "version_value": "8.0.0.RC1 to 8.0.43"
                        },
                        {
                          "version_value": "7.0.0 to 7.0.77"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Apache Software Foundation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Security Constrainy Bypass"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "DSA-3891",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2017/dsa-3891"
          },
          {
            "name": "https://security.netapp.com/advisory/ntap-20171019-0002/",
            "refsource": "CONFIRM",
            "url": "https://security.netapp.com/advisory/ntap-20171019-0002/"
          },
          {
            "name": "98888",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/98888"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "name": "RHSA-2017:3080",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:3080"
          },
          {
            "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us",
            "refsource": "CONFIRM",
            "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us"
          },
          {
            "name": "RHSA-2017:1801",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1801"
          },
          {
            "name": "RHSA-2017:2635",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:2635"
          },
          {
            "name": "RHSA-2017:2638",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:2638"
          },
          {
            "name": "RHSA-2017:2494",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:2494"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
          },
          {
            "name": "[tomcat-users] 20170606 [SECURITY] CVE-2017-5664 Apache Tomcat Security Constraint Bypass",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E"
          },
          {
            "name": "RHSA-2017:2636",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:2636"
          },
          {
            "name": "RHSA-2017:1809",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1809"
          },
          {
            "name": "RHSA-2017:2637",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:2637"
          },
          {
            "name": "1038641",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1038641"
          },
          {
            "name": "DSA-3892",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2017/dsa-3892"
          },
          {
            "name": "RHSA-2017:2633",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:2633"
          },
          {
            "name": "RHSA-2017:1802",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:1802"
          },
          {
            "name": "RHSA-2017:2493",
            "refsource": "REDHAT",
            "url": "https://access.redhat.com/errata/RHSA-2017:2493"
          },
          {
            "name": "[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
          },
          {
            "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
            "refsource": "MISC",
            "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
          },
          {
            "name": "[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
          },
          {
            "name": "[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/",
            "refsource": "MLIST",
            "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "[7.0.0,7.0.51],[7.0.54,7.0.77],[8.0.0,8.0.7],[8.0.9,8.0.43],[8.5.0,8.5.14],[9.0.0]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.51, all versions starting from 7.0.54 up to 7.0.77, all versions starting from 8.0.0 up to 8.0.7, all versions starting from 8.0.9 up to 8.0.43, all versions starting from 8.5.0 up to 8.5.14, version 9.0.0",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-755",
            "CWE-937"
          ],
          "date": "2019-10-03",
          "description": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. The Default Servlet in Apache Tomcat does not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method.",
          "fixed_versions": [
            "7.0.52",
            "7.0.78",
            "8.0.8",
            "8.0.44",
            "8.5.15",
            "9.0.1"
          ],
          "identifier": "CVE-2017-5664",
          "identifiers": [
            "CVE-2017-5664"
          ],
          "not_impacted": "All versions before 7.0.0, all versions after 7.0.51 before 7.0.54, all versions after 7.0.77 before 8.0.0, all versions after 8.0.7 before 8.0.9, all versions after 8.0.43 before 8.5.0, all versions after 8.5.14 before 9.0.0, all versions after 9.0.0",
          "package_slug": "maven/org.apache.tomcat.embed/tomcat-embed-core",
          "pubdate": "2017-06-06",
          "solution": "Upgrade to versions 7.0.52, 7.0.78, 8.0.8, 8.0.44, 8.5.15, 9.0.1 or above.",
          "title": "Improper Handling of Exceptional Conditions",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
            "http://www.securityfocus.com/bid/98888"
          ],
          "uuid": "42ff2823-30d1-40bc-b145-cb3ab8ec9659"
        },
        {
          "affected_range": "[7.0.0,7.0.77],[8.0.0,8.0.43],[8.5.0,8.5.14],[9.0.0.M1,9.0.0.M20]",
          "affected_versions": "All versions starting from 7.0.0 up to 7.0.77, all versions starting from 8.0.0 up to 8.0.43, all versions starting from 8.5.0 up to 8.5.14, all versions starting from 9.0.0.m1 up to 9.0.0.m20",
          "cvss_v2": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-755",
            "CWE-937"
          ],
          "date": "2022-07-01",
          "description": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 does not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method.",
          "fixed_versions": [
            "8.5.15",
            "9.0.0.M21",
            "7.0.78",
            "8.0.44"
          ],
          "identifier": "CVE-2017-5664",
          "identifiers": [
            "GHSA-jmvv-524f-hj5j",
            "CVE-2017-5664"
          ],
          "not_impacted": "All versions before 7.0.0, all versions after 7.0.77 before 8.0.0, all versions after 8.0.43 before 8.5.0, all versions after 8.5.14 before 9.0.0.m1, all versions after 9.0.0.m20",
          "package_slug": "maven/org.apache.tomcat/tomcat",
          "pubdate": "2022-05-13",
          "solution": "Upgrade to versions 8.5.15, 9.0.0.M21, 7.0.78, 8.0.44 or above.",
          "title": "Improper Handling of Exceptional Conditions",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2017-5664",
            "https://access.redhat.com/errata/RHSA-2017:1801",
            "https://access.redhat.com/errata/RHSA-2017:1802",
            "https://access.redhat.com/errata/RHSA-2017:1809",
            "https://access.redhat.com/errata/RHSA-2017:2493",
            "https://access.redhat.com/errata/RHSA-2017:2494",
            "https://access.redhat.com/errata/RHSA-2017:2633",
            "https://access.redhat.com/errata/RHSA-2017:2635",
            "https://access.redhat.com/errata/RHSA-2017:2636",
            "https://access.redhat.com/errata/RHSA-2017:2637",
            "https://access.redhat.com/errata/RHSA-2017:2638",
            "https://access.redhat.com/errata/RHSA-2017:3080",
            "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E",
            "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E",
            "https://security.netapp.com/advisory/ntap-20171019-0002/",
            "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us",
            "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
            "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
            "http://www.debian.org/security/2017/dsa-3891",
            "http://www.debian.org/security/2017/dsa-3892",
            "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
            "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
            "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
            "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
            "https://github.com/advisories/GHSA-jmvv-524f-hj5j"
          ],
          "uuid": "2bba9cc1-25e7-4728-af64-216d58a15205"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.76:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.74:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.75:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.77:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:7.0.73:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.39:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.42:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.41:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.38:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.43:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.0.37:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security@apache.org",
          "ID": "CVE-2017-5664"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-755"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "98888",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/98888"
            },
            {
              "name": "1038641",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1038641"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
            },
            {
              "name": "DSA-3892",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2017/dsa-3892"
            },
            {
              "name": "DSA-3891",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2017/dsa-3891"
            },
            {
              "name": "https://security.netapp.com/advisory/ntap-20171019-0002/",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://security.netapp.com/advisory/ntap-20171019-0002/"
            },
            {
              "name": "RHSA-2017:3080",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:3080"
            },
            {
              "name": "RHSA-2017:2638",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:2638"
            },
            {
              "name": "RHSA-2017:2637",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:2637"
            },
            {
              "name": "RHSA-2017:2636",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:2636"
            },
            {
              "name": "RHSA-2017:2635",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:2635"
            },
            {
              "name": "RHSA-2017:2633",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:2633"
            },
            {
              "name": "RHSA-2017:2494",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:2494"
            },
            {
              "name": "RHSA-2017:2493",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:2493"
            },
            {
              "name": "RHSA-2017:1809",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:1809"
            },
            {
              "name": "RHSA-2017:1802",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:1802"
            },
            {
              "name": "RHSA-2017:1801",
              "refsource": "REDHAT",
              "tags": [],
              "url": "https://access.redhat.com/errata/RHSA-2017:1801"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
            },
            {
              "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us"
            },
            {
              "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
              "refsource": "MISC",
              "tags": [],
              "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
              "refsource": "MISC",
              "tags": [],
              "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
            },
            {
              "name": "[tomcat-users] 20170606 [SECURITY] CVE-2017-5664 Apache Tomcat Security Constraint Bypass",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066%40%3Cannounce.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190319 svn commit: r1855831 [24/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190325 svn commit: r1856174 [23/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190413 svn commit: r1857496 [3/4] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190415 svn commit: r1857582 [18/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200203 svn commit: r1873527 [25/30] - /tomcat/site/trunk/docs/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
            },
            {
              "name": "[tomcat-dev] 20200213 svn commit: r1873980 [29/34] - /tomcat/site/trunk/docs/",
              "refsource": "",
              "tags": [],
              "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-12-08T16:41Z",
      "publishedDate": "2017-06-06T14:29Z"
    }
  }
}

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201706-0361",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apache",
        "version": "7.0.4"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apache",
        "version": "7.0.3"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apache",
        "version": "7.0.2"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apache",
        "version": "7.0.1"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "apache",
        "version": "7.0.5"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "apache",
        "version": "7.0.0"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.14"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.13"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.12"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.11"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.9"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.8"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.7"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.6"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.5"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.4"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.1"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.43"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.42"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.41"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.40"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.39"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.38"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.37"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.36"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.35"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.34"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.33"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.30"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.27"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.19"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.17"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.15"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.9"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.5"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.3"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.1"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.77"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.76"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.75"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.74"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.73"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.72"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.70"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.69"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.67"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.65"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.60"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.59"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.57"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.54"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.50"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.33"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.32"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.31"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.30"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.29"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.28"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.27"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.26"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.25"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.24"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.23"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.17"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.16"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.15"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.14"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.13"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.12"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.7"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.6"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.3"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.2"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.5.0"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "8.0.32"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.68"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.55"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.49"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.48"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.47"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.46"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.45"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.44"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.43"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.42"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.41"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.40"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.39"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.38"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.37"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.36"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.35"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.34"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.22"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.21"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.20"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.19"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.18"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.11"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "apache",
        "version": "7.0.10"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.28"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.31"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.29"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.66"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.21"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.22"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "9.0.0"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.18"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.7"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.56"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.0"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.64"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.71"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.12"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.20"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.63"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.11"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.16"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.6"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.24"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.25"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.10"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.61"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.58"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.9"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.23"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.26"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.5.10"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.8"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.51"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.4"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.14"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.2"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "7.0.62"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "apache",
        "version": "8.0.13"
      },
      {
        "model": "tomcat",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apache",
        "version": "7.0.0 from  7.0.77"
      },
      {
        "model": "tomcat",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apache",
        "version": "8.0.0.rc1 from  8.0.43"
      },
      {
        "model": "tomcat",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apache",
        "version": "8.5.0 from  8.5.14"
      },
      {
        "model": "tomcat",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "apache",
        "version": "9.0.0.m1 from  9.0.0.m20"
      },
      {
        "model": "mailshooter",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "simpwright",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v6"
      },
      {
        "model": "simpwright",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "v7"
      },
      {
        "model": "spoolserver/winspool series",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "nec",
        "version": "reportfiling ver5.2 ~ 6.2"
      },
      {
        "model": "webotx",
        "scope": null,
        "trust": 0.8,
        "vendor": "nec",
        "version": null
      },
      {
        "model": "jp1/cm2/network node manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "jp1/network node manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "hitachi",
        "version": null
      },
      {
        "model": "jboss web server for rhel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3.17"
      },
      {
        "model": "jboss web server for rhel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "3.16"
      },
      {
        "model": "jboss web server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "0"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2.1182"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.4.2.4181"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.4.1"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.4.0"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.3.4.3247"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.3.3.1199"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.3.2.1162"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.3.0.1098"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2.8.2223"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2.7.1204"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2.5.1141"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2.4.1102"
      },
      {
        "model": "mysql enterprise monitor",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.2.1.1049"
      },
      {
        "model": "hospitality guest access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "4.2.1.0"
      },
      {
        "model": "hospitality guest access",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "4.2.0.0"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "7"
      },
      {
        "model": "communications interactive session recorder",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.2"
      },
      {
        "model": "communications interactive session recorder",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.1"
      },
      {
        "model": "communications interactive session recorder",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "6.0"
      },
      {
        "model": "communications instant messaging server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "10.0.1"
      },
      {
        "model": "communications application session controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.8"
      },
      {
        "model": "communications application session controller",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "oracle",
        "version": "3.7.1"
      },
      {
        "model": "x-series xos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "9.7"
      },
      {
        "model": "x-series xos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "11.0"
      },
      {
        "model": "x-series xos",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "10.0"
      },
      {
        "model": "management center",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "1.11"
      },
      {
        "model": "mail threat defense",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "1.1"
      },
      {
        "model": "content analysis system",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "1.3"
      },
      {
        "model": "content analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "2.2"
      },
      {
        "model": "content analysis",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "2.1"
      },
      {
        "model": "advanced secure gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "6.7"
      },
      {
        "model": "advanced secure gateway",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "bluecoat",
        "version": "6.6"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "8.0.8"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "7.0.53"
      },
      {
        "model": "tomcat",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "apache",
        "version": "7.0"
      },
      {
        "model": "tomcat 9.0.0.m9",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m7",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m5",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m4",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m3",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m20",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m2",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m19",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m18",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m17",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m15",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m13",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m12",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m11",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m10",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 9.0.0.m1",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat 8.0.0.rc1",
        "scope": null,
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      },
      {
        "model": "tomcat",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apache",
        "version": "8.5.15"
      },
      {
        "model": "tomcat",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apache",
        "version": "8.0.44"
      },
      {
        "model": "tomcat",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apache",
        "version": "7.0.78"
      },
      {
        "model": "tomcat 9.0.0.m21",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "apache",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "98888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5664"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:apache:tomcat",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:nec:mailshooter",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:nec:simpwright",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/h:nec:spoolserver_winspool",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:nec:webotx",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:nec:websam",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:nec:websam_mcoperations",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:nec:websam_systemmanager",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:hitachi:jp1_cm2_network_node_manager",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:hitachi:jp1_network_node_manager",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Aniket Nandkishor Kulkarni",
    "sources": [
      {
        "db": "BID",
        "id": "98888"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2017-5664",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "CVE-2017-5664",
            "impactScore": 2.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.9,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2017-5664",
            "impactScore": 3.6,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2017-5664",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2017-5664",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201706-192",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2017-5664",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-5664"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5664"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method. Apache Tomcat Contains a security restriction bypass vulnerability. The Apache Software Foundation From Apache Tomcat An update has been released for the following vulnerabilities: * * Security restriction bypass vulnerability related to error page processing (CVE-2017-5664 )Crafted HTTP By processing the request, the error page may be deleted or overwritten. \nAn attacker can exploit this issue to bypass certain security restrictions and perform unauthorized actions. This may lead to further attacks. ==========================================================================\nUbuntu Security Notice USN-3519-1\nJanuary 08, 2018\n\ntomcat7, tomcat8 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 17.04\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in Tomcat. A remote attacker could use this issue to\nobtain wrong responses possibly containing sensitive information. (CVE-2017-5664)\n\nIt was discovered that Tomcat incorrectly handled the CORS filter. \n(CVE-2017-7674)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 17.04:\n  libtomcat8-java                 8.0.38-2ubuntu2.2\n  tomcat8                         8.0.38-2ubuntu2.2\n\nUbuntu 16.04 LTS:\n  libtomcat8-java                 8.0.32-1ubuntu1.5\n  tomcat8                         8.0.32-1ubuntu1.5\n\nUbuntu 14.04 LTS:\n  libtomcat7-java                 7.0.52-1ubuntu0.13\n  tomcat7                         7.0.52-1ubuntu0.13\n\nIn general, a standard system update will make all the necessary changes. Description:\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and\nTransport Layer Security (TLS) protocols, as well as a full-strength\ngeneral-purpose cryptography library. The updates are documented in the Release Notes document\nlinked to in the References. \n\nSecurity Fix(es):\n\n* A memory leak flaw was found in the way OpenSSL handled TLS status\nrequest extension data during session renegotiation. A remote attacker\ncould cause a TLS server using OpenSSL to consume an excessive amount of\nmemory and, possibly, exit unexpectedly after exhausting all available\nmemory, if it enabled OCSP stapling support. (CVE-2016-6304)\n\n* A vulnerability was discovered in tomcat\u0027s handling of pipelined requests\nwhen \"Sendfile\" was used. If sendfile processing completed quickly, it was\npossible for the Processor to be added to the processor cache twice. This\ncould lead to invalid responses or information disclosure. (CVE-2017-5664)\n\n* A denial of service flaw was found in the way the TLS/SSL protocol\ndefined processing of ALERT packets during a connection handshake. A remote\nattacker could use this flaw to make a TLS/SSL server consume an excessive\namount of CPU and fail to accept connections from other clients. \n(CVE-2016-8610)\n\nRed Hat would like to thank the OpenSSL project for reporting CVE-2016-6304\nand Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. \nUpstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original\nreporter of CVE-2016-6304. Solution:\n\nBefore applying the update, back up your existing Red Hat JBoss Web Server\ninstallation (including all applications and configuration files). After installing the updated\npackages, the httpd daemon will be restarted automatically. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: tomcat security update\nAdvisory ID:       RHSA-2017:1809-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:1809\nIssue date:        2017-07-27\nCVE Names:         CVE-2017-5648 CVE-2017-5664 \n=====================================================================\n\n1. Summary:\n\nAn update for tomcat is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - noarch\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch\nRed Hat Enterprise Linux ComputeNode (v. 7) - noarch\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch\nRed Hat Enterprise Linux Server (v. 7) - noarch\nRed Hat Enterprise Linux Server Optional (v. 7) - noarch\nRed Hat Enterprise Linux Workstation (v. 7) - noarch\nRed Hat Enterprise Linux Workstation Optional (v. 7) - noarch\n\n3. When running an untrusted\napplication under a SecurityManager it was possible, under some\ncircumstances, for that application to retain references to the request or\nresponse objects and thereby access and/or modify information associated\nwith another web application. (CVE-2017-5648)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1441223 - CVE-2017-5648 tomcat: Calls to application listeners did not use the appropriate facade object\n1459158 - CVE-2017-5664 tomcat: Security constrained bypass in error page mechanism\n\n6. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\ntomcat-7.0.69-12.el7_3.src.rpm\n\nnoarch:\ntomcat-servlet-3.0-api-7.0.69-12.el7_3.noarch.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nnoarch:\ntomcat-7.0.69-12.el7_3.noarch.rpm\ntomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm\ntomcat-docs-webapp-7.0.69-12.el7_3.noarch.rpm\ntomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-javadoc-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsvc-7.0.69-12.el7_3.noarch.rpm\ntomcat-lib-7.0.69-12.el7_3.noarch.rpm\ntomcat-webapps-7.0.69-12.el7_3.noarch.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\ntomcat-7.0.69-12.el7_3.src.rpm\n\nnoarch:\ntomcat-servlet-3.0-api-7.0.69-12.el7_3.noarch.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nnoarch:\ntomcat-7.0.69-12.el7_3.noarch.rpm\ntomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm\ntomcat-docs-webapp-7.0.69-12.el7_3.noarch.rpm\ntomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-javadoc-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsvc-7.0.69-12.el7_3.noarch.rpm\ntomcat-lib-7.0.69-12.el7_3.noarch.rpm\ntomcat-webapps-7.0.69-12.el7_3.noarch.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\ntomcat-7.0.69-12.el7_3.src.rpm\n\nnoarch:\ntomcat-7.0.69-12.el7_3.noarch.rpm\ntomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm\ntomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-lib-7.0.69-12.el7_3.noarch.rpm\ntomcat-servlet-3.0-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-webapps-7.0.69-12.el7_3.noarch.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\ntomcat-7.0.69-12.el7_3.noarch.rpm\ntomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm\ntomcat-docs-webapp-7.0.69-12.el7_3.noarch.rpm\ntomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-javadoc-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsvc-7.0.69-12.el7_3.noarch.rpm\ntomcat-lib-7.0.69-12.el7_3.noarch.rpm\ntomcat-webapps-7.0.69-12.el7_3.noarch.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\ntomcat-7.0.69-12.el7_3.src.rpm\n\nnoarch:\ntomcat-7.0.69-12.el7_3.noarch.rpm\ntomcat-admin-webapps-7.0.69-12.el7_3.noarch.rpm\ntomcat-el-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsp-2.2-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-lib-7.0.69-12.el7_3.noarch.rpm\ntomcat-servlet-3.0-api-7.0.69-12.el7_3.noarch.rpm\ntomcat-webapps-7.0.69-12.el7_3.noarch.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nnoarch:\ntomcat-docs-webapp-7.0.69-12.el7_3.noarch.rpm\ntomcat-javadoc-7.0.69-12.el7_3.noarch.rpm\ntomcat-jsvc-7.0.69-12.el7_3.noarch.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-5648\nhttps://access.redhat.com/security/cve/CVE-2017-5664\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZeYTJXlSAg2UNWIIRAiRLAJ9mLApI6LC2N8mfgxyqv7Ndu04maACfaPeM\n/dGPQXHuX1omxWSQ/miLBj8=\n=Ia1W\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nSecurity Fix(es):\n\n* It was found that when using remote logging with log4j socket server the\nlog4j server would deserialize any log event received via TCP or UDP. An\nattacker could use this flaw to send a specially crafted log event that,\nduring deserialization, would execute arbitrary code in the context of the\nlogger application. (CVE-2017-5664)\n\n* A deserialization flaw was discovered in the jackson-databind which could\nallow an unauthenticated user to perform code execution by sending the\nmaliciously crafted input to the readValue method of the ObjectMapper. (CVE-2017-5664)\n\n* Two vulnerabilities were discovered in Tomcat where if a servlet context\nwas configured with readonly=false and HTTP PUT requests were allowed, an\nattacker could upload a JSP file to that context and achieve code\nexecution. (CVE-2017-12615, CVE-2017-12617)\n\n4. Note: the current version of the following document is available here:\nhttps://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03302206\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: KM03302206\nVersion: 1\n\nMFSBGN03837 rev.1 - Network Node Manager i, Multiple Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2018-12-12\nLast Updated: 2018-12-12\n\nPotential Security Impact: Remote: Cross-Site Scripting (XSS), Disclosure of\nInformation\n\nSource: Micro Focus, Product Security Response Team\n\nVULNERABILITY SUMMARY\nA vulnerabilities in Apache Tomcat was addressed by Micro Focus Network Node\nManager i. The vulnerability could be exploited Remote Cross-Site Scripting\n(XSS) and Remote Disclosure of Information\n\nReferences:\n\n  - PSRT110650\n  - CVE-2016-6816\n  - CVE-2017-5664\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n  - HPE Network Node Manager I (NNMi) Software 9.2x, 10.0x, 10.00 Patch 1,\n10.00 Patch 2, 10.00 Patch 3, 10.00 Patch 4, 10.00 Patch 5, 10.1x, 10.10\nPatch 1, 10.10 Patch 2, 10.10 Patch 3, 10.10 Patch 4, 10.2x, 10.20 Patch 1,\n10.20 Patch 2, 10.20 Patch 3, 10.30, 10.30 Patch 1\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n\nRESOLUTION\n\nMicro Focus has made the following software updates and mitigation\ninformation to resolve the vulnerability in Micro Focus Network Node Manager\ni:\nCustomers using v9.X must upgrade to v10.x and then install the patch below. \nPatches are available to address the vulnerabilities:\nFor v10.0x: Network Node Manager i 10.00 Patch 8 \n\tLinux \n[https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/\n/facetsearch/document/KM03139745](https://softwaresupport.softwaregrp.com/gro\np/softwaresupport/search-result/-/facetsearch/document/KM03139745)\n\tWindows\n[https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/\n/facetsearch/document/KM03139763](https://softwaresupport.softwaregrp.com/gro\np/softwaresupport/search-result/-/facetsearch/document/KM03139763)\nFor v10.1x: Network Node Manager i 10.10 Patch 7\n\tLinux\n[https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/\n/facetsearch/document/KM03139729](https://softwaresupport.softwaregrp.com/gro\np/softwaresupport/search-result/-/facetsearch/document/KM03139729)\n\tWindows\n[https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/\n/facetsearch/document/KM03139781](https://softwaresupport.softwaregrp.com/gro\np/softwaresupport/search-result/-/facetsearch/document/KM03139781)\nFor v10.2x: Network Node Manager i 10.20 Patch 6\n\tLinux\n[https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/\n/facetsearch/document/KM03139701](https://softwaresupport.softwaregrp.com/gro\np/softwaresupport/search-result/-/facetsearch/document/KM03139701)\n\tWindows\n[https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/\n/facetsearch/document/KM03139715](https://softwaresupport.softwaregrp.com/gro\np/softwaresupport/search-result/-/facetsearch/document/KM03139715)\nFor v10.3x: Network Node Manager i 10.30 Patch 2\n\tLinux\n[https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/\n/facetsearch/document/KM03139685](https://softwaresupport.softwaregrp.com/gro\np/softwaresupport/search-result/-/facetsearch/document/KM03139685)\n\t Windows\n[https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/\n/facetsearch/document/KM03139693](https://softwaresupport.softwaregrp.com/gro\np/softwaresupport/search-result/-/facetsearch/document/KM03139693) \n\n\nHISTORY\nVersion:1 (rev.1) - 12 December 2018 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on \nsystems running Micro Focus products should be applied in accordance with the customer\u0027s \npatch management policy. \n\nSupport: For issues about implementing the recommendations of this Security Bulletin, contact normal Micro Focus services support channel. \nFor other issues about the content of this Security Bulletin, send e-mail to security@microfocus.com. \n\nReport: To report a potential security vulnerability for any supported product:\n  Web form: https://softwaresupport.softwaregrp.com/psrt\n  Email: security@microfocus.com\n\nSubscribe:\n To initiate receiving subscriptions for future Micro Focus Security Bulletin alerts via Email,  please subscribe here - https://softwaresupport.softwaregrp.com/group/softwaresupport/email-notification/-/subscriptions/registerdocumentnotification\n Once you are logged in to the portal, please choose security bulletins under product and document types. \n Please note that you will need to sign in using a Passport account. If you do not have a Passport account yet, you can create one- its free and easy https://cf.passport.softwaregrp.com/hppcf/createuser.do \n\nSecurity Bulletin Archive:\n A list of recently released Security Bulletins is available here: https://softwaresupport.softwaregrp.com/security-vulnerability\n \nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following Micro Focus Security Bulletin. \n\n3P = 3rd Party Software\nGN = Micro Focus General Software\nMU = Multi-Platform Software\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. \nMicro Focus is continually reviewing and enhancing the security features of software products to provide \ncustomers with current secure solutions. \n\n\"Micro Focus is broadly distributing this Security Bulletin in order to bring to the attention of users of the \naffected Micro Focus products the important security information contained in this Bulletin. Micro Focus recommends \nthat all users determine the applicability of this information to their individual situations and take appropriate action. \nMicro Focus does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, \nMicro Focus will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in \nthis Security Bulletin. To the extent permitted by law, Micro Focus  disclaims  all warranties, either express or \nimplied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\" \n\n\nCopyright Micro Focus\n\nMicro Focus shall not be liable for technical or editorial errors or omissions contained herein. \nThe information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, \nneither Micro Focus nor its affiliates, subcontractors or suppliers will be liable for incidental, special \nor consequential damages including downtime cost; lost profits; damages relating to the procurement of \nsubstitute products or services; or damages for loss of data, or software restoration. \nThe information in this document is subject to change without notice. Micro Focus and the names of \nMicro Focus products referenced herein are trademarks of Micro Focus in the United States and other countries. \nOther product and company names mentioned herein may be trademarks of their respective owners. \n\nThe References section of this erratum contains a download link (you must\nlog in to download the update)",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-5664"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "db": "BID",
        "id": "98888"
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5664"
      },
      {
        "db": "PACKETSTORM",
        "id": "145765"
      },
      {
        "db": "PACKETSTORM",
        "id": "143874"
      },
      {
        "db": "PACKETSTORM",
        "id": "143519"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144792"
      },
      {
        "db": "PACKETSTORM",
        "id": "150775"
      },
      {
        "db": "PACKETSTORM",
        "id": "143873"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-5664",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "98888",
        "trust": 2.0
      },
      {
        "db": "SECTRACK",
        "id": "1038641",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU95420726",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051",
        "trust": 0.8
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.3216.2",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.1276",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2017-5664",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "145765",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "143874",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "143519",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "144014",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "144792",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "150775",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "143873",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-5664"
      },
      {
        "db": "BID",
        "id": "98888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "db": "PACKETSTORM",
        "id": "145765"
      },
      {
        "db": "PACKETSTORM",
        "id": "143874"
      },
      {
        "db": "PACKETSTORM",
        "id": "143519"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144792"
      },
      {
        "db": "PACKETSTORM",
        "id": "150775"
      },
      {
        "db": "PACKETSTORM",
        "id": "143873"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5664"
      }
    ]
  },
  "id": "VAR-201706-0361",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.15072303
  },
  "last_update_date": "2024-11-29T21:52:07.371000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Fixed in Apache Tomcat 8.0.44",
        "trust": 0.8,
        "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.44"
      },
      {
        "title": "Fixed in Apache Tomcat 7.0.78",
        "trust": 0.8,
        "url": "http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.78"
      },
      {
        "title": "Fixed in Apache Tomcat 9.0.0.M21",
        "trust": 0.8,
        "url": "http://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M21"
      },
      {
        "title": "Fixed in Apache Tomcat 8.5.15",
        "trust": 0.8,
        "url": "http://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.15"
      },
      {
        "title": "hitachi-sec-2019-107",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-107/index.html"
      },
      {
        "title": "NV17-015",
        "trust": 0.8,
        "url": "http://jpn.nec.com/security-info/secinfo/nv17-015.html"
      },
      {
        "title": "[SECURITY] CVE-2017-5664 Apache Tomcat Security Constraint Bypass",
        "trust": 0.8,
        "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E"
      },
      {
        "title": "hitachi-sec-2019-107",
        "trust": 0.8,
        "url": "http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2019-107/index.html"
      },
      {
        "title": "Apache Tomcat Default Servlet Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71211"
      },
      {
        "title": "Red Hat: Important: tomcat security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171809 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: tomcat6 security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20173080 - Security Advisory"
      },
      {
        "title": "Debian Security Advisories: DSA-3892-1 tomcat7 -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=84d07d805fb625d5e5269555c0f8846e"
      },
      {
        "title": "Red Hat: Important: Red Hat JBoss Web Server 3.1.0 Service Pack 1 security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171801 - Security Advisory"
      },
      {
        "title": "Red Hat: Important: Red Hat JBoss Web Server Service Pack 1 security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=RHSA-20171802 - Security Advisory"
      },
      {
        "title": "Debian Security Advisories: DSA-3891-1 tomcat8 -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=91198151af7100bd505e12e11d3f56e5"
      },
      {
        "title": "Debian CVElist Bug Report Logs: tomcat8: CVE-2017-5664: Security constrained bypass in error page mechanism",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=6e84a658cd855bbabe4c36955d8fe865"
      },
      {
        "title": "Arch Linux Advisories: [ASA-201706-6] tomcat7: access restriction bypass",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201706-6"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2017-853",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-853"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2017-854",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-854"
      },
      {
        "title": "Arch Linux Advisories: [ASA-201706-7] tomcat8: access restriction bypass",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=ASA-201706-7"
      },
      {
        "title": "Ubuntu Security Notice: tomcat7, tomcat8 vulnerabilities",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-3519-1"
      },
      {
        "title": "Arch Linux Issues: ",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=CVE-2017-5664"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2017-862",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-862"
      },
      {
        "title": "Amazon Linux AMI: ALAS-2017-873",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=ALAS-2017-873"
      },
      {
        "title": "Hitachi Security Advisories: Multiple Vulnerabilities in JP1/Network Node Manager i",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=hitachi_security_advisories\u0026qid=hitachi-sec-2019-107"
      },
      {
        "title": "Forcepoint Security Advisories: CVE-2017-5664 Apache Tomcat Security Constraint Bypass Vulnerability",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=85b7afd6cc93580dc2508b4ad46d18f2"
      },
      {
        "title": "Symantec Security Advisories: SA156: Apache Tomcat Vulnerabilities Apr-Oct 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=8d498c8e227285c90100c42076428782"
      },
      {
        "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a22ad41e97bbfc5abb0bb927bf43089c"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - July 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=5f8c525f1408011628af1792207b2099"
      },
      {
        "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=549dc795290b298746065b62b4bb7928"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - April 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=4019ca77f50c7a34e4d97833e6f3321e"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
      },
      {
        "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
      },
      {
        "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - October 2017",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=7251d5e5f2b1771951980ad7cfde50ba"
      },
      {
        "title": "vulners-yum-scanner",
        "trust": 0.1,
        "url": "https://github.com/dkiser/vulners-yum-scanner "
      },
      {
        "title": "A2:2017 Broken Authentication\nA5:2017 Broken Access Control\nA3:2017 Sensitive Data Exposure\nA6:2017 Security Misconfiguration\nA9:2017 Using Components with Known Vulnerabilities\nA10:2017 Insufficient Logging \u0026 Monitoring",
        "trust": 0.1,
        "url": "https://github.com/ilmari666/cybsec "
      },
      {
        "title": "veracode-container-security-finding-parser",
        "trust": 0.1,
        "url": "https://github.com/vincent-deng/veracode-container-security-finding-parser "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-5664"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-755",
        "trust": 1.0
      },
      {
        "problemtype": "CWE-254",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5664"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 3.0,
        "url": "http://www.securityfocus.com/bid/98888"
      },
      {
        "trust": 2.3,
        "url": "http://www.debian.org/security/2017/dsa-3892"
      },
      {
        "trust": 2.3,
        "url": "http://www.debian.org/security/2017/dsa-3891"
      },
      {
        "trust": 2.0,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
      },
      {
        "trust": 2.0,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
      },
      {
        "trust": 2.0,
        "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
      },
      {
        "trust": 1.9,
        "url": "https://access.redhat.com/errata/rhsa-2017:1809"
      },
      {
        "trust": 1.8,
        "url": "https://access.redhat.com/errata/rhsa-2017:3080"
      },
      {
        "trust": 1.8,
        "url": "https://access.redhat.com/errata/rhsa-2017:2636"
      },
      {
        "trust": 1.8,
        "url": "https://access.redhat.com/errata/rhsa-2017:2494"
      },
      {
        "trust": 1.8,
        "url": "https://access.redhat.com/errata/rhsa-2017:2493"
      },
      {
        "trust": 1.7,
        "url": "http://www.securitytracker.com/id/1038641"
      },
      {
        "trust": 1.7,
        "url": "https://security.netapp.com/advisory/ntap-20171019-0002/"
      },
      {
        "trust": 1.7,
        "url": "https://access.redhat.com/errata/rhsa-2017:2638"
      },
      {
        "trust": 1.7,
        "url": "https://access.redhat.com/errata/rhsa-2017:2637"
      },
      {
        "trust": 1.7,
        "url": "https://access.redhat.com/errata/rhsa-2017:2635"
      },
      {
        "trust": 1.7,
        "url": "https://access.redhat.com/errata/rhsa-2017:2633"
      },
      {
        "trust": 1.7,
        "url": "https://access.redhat.com/errata/rhsa-2017:1802"
      },
      {
        "trust": 1.7,
        "url": "https://access.redhat.com/errata/rhsa-2017:1801"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
      },
      {
        "trust": 1.7,
        "url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbux03828en_us"
      },
      {
        "trust": 1.7,
        "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
      },
      {
        "trust": 1.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5664"
      },
      {
        "trust": 1.4,
        "url": "https://access.redhat.com/security/cve/cve-2017-5664"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066%40%3cannounce.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 1.1,
        "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.9,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459158"
      },
      {
        "trust": 0.9,
        "url": "http://tomcat.apache.org/"
      },
      {
        "trust": 0.9,
        "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3cannounce.tomcat.apache.org%3e"
      },
      {
        "trust": 0.9,
        "url": "https://www.symantec.com/security-center/network-protection-security-advisories/sa156"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-5664"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnvu95420726"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3cdev.tomcat.apache.org%3e"
      },
      {
        "trust": 0.6,
        "url": "http://support.symantec.com/us/en/article.symsa1419.html"
      },
      {
        "trust": 0.6,
        "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2019-107/index.html"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/79014"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.3216.2/"
      },
      {
        "trust": 0.5,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.5,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.5,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5647"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2017-5647"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5648"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2016-6304"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6304"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/security/cve/cve-2016-8610"
      },
      {
        "trust": 0.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-8610"
      },
      {
        "trust": 0.2,
        "url": "https://access.redhat.com/articles/3155411"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/755.html"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/./dsa-3892"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://usn.ubuntu.com/3519-1/"
      },
      {
        "trust": 0.1,
        "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=55627"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/tomcat8/8.0.38-2ubuntu2.2"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7674"
      },
      {
        "trust": 0.1,
        "url": "https://www.ubuntu.com/usn/usn-3519-1"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/tomcat7/7.0.52-1ubuntu0.13"
      },
      {
        "trust": 0.1,
        "url": "https://launchpad.net/ubuntu/+source/tomcat8/8.0.32-1ubuntu1.5"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-5648"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-5645"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-5645"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-7525"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-7525"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/documentation/en/red-hat-jboss-enterprise-application-platform?version=6.4/"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-12617"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/security/cve/cve-2017-12615"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12615"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12617"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.softwaregrp.com/group/softwaresupport/search-result/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6816"
      },
      {
        "trust": 0.1,
        "url": "https://cf.passport.softwaregrp.com/hppcf/createuser.do"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.softwaregrp.com/psrt"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.softwaregrp.com/group/softwaresupport/email-notification/-/subscriptions/registerdocumentnotification"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.softwaregrp.com/gro"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.softwaregrp.com/security-vulnerability"
      },
      {
        "trust": 0.1,
        "url": "https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/km03302206"
      },
      {
        "trust": 0.1,
        "url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=webserver\u0026downloadtype=securitypatches\u0026version=2.1.2"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2017-5664"
      },
      {
        "db": "BID",
        "id": "98888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "db": "PACKETSTORM",
        "id": "145765"
      },
      {
        "db": "PACKETSTORM",
        "id": "143874"
      },
      {
        "db": "PACKETSTORM",
        "id": "143519"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144792"
      },
      {
        "db": "PACKETSTORM",
        "id": "150775"
      },
      {
        "db": "PACKETSTORM",
        "id": "143873"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5664"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2017-5664"
      },
      {
        "db": "BID",
        "id": "98888"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "db": "PACKETSTORM",
        "id": "145765"
      },
      {
        "db": "PACKETSTORM",
        "id": "143874"
      },
      {
        "db": "PACKETSTORM",
        "id": "143519"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "144792"
      },
      {
        "db": "PACKETSTORM",
        "id": "150775"
      },
      {
        "db": "PACKETSTORM",
        "id": "143873"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-5664"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-06-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-5664"
      },
      {
        "date": "2017-06-06T00:00:00",
        "db": "BID",
        "id": "98888"
      },
      {
        "date": "2017-06-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "date": "2018-01-09T17:18:26",
        "db": "PACKETSTORM",
        "id": "145765"
      },
      {
        "date": "2017-08-22T05:29:02",
        "db": "PACKETSTORM",
        "id": "143874"
      },
      {
        "date": "2017-07-27T14:44:00",
        "db": "PACKETSTORM",
        "id": "143519"
      },
      {
        "date": "2017-09-05T23:44:00",
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "date": "2017-10-30T15:38:55",
        "db": "PACKETSTORM",
        "id": "144792"
      },
      {
        "date": "2018-12-13T18:21:43",
        "db": "PACKETSTORM",
        "id": "150775"
      },
      {
        "date": "2017-08-22T05:28:16",
        "db": "PACKETSTORM",
        "id": "143873"
      },
      {
        "date": "2017-06-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      },
      {
        "date": "2017-06-06T14:29:00.937000",
        "db": "NVD",
        "id": "CVE-2017-5664"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-12-08T00:00:00",
        "db": "VULMON",
        "id": "CVE-2017-5664"
      },
      {
        "date": "2019-07-17T09:00:00",
        "db": "BID",
        "id": "98888"
      },
      {
        "date": "2019-04-12T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      },
      {
        "date": "2019-10-23T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      },
      {
        "date": "2024-11-21T03:28:08.370000",
        "db": "NVD",
        "id": "CVE-2017-5664"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "145765"
      },
      {
        "db": "PACKETSTORM",
        "id": "144014"
      },
      {
        "db": "PACKETSTORM",
        "id": "150775"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      }
    ],
    "trust": 0.9
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Apache Tomcat Security restriction bypass vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004051"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "security feature problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201706-192"
      }
    ],
    "trust": 0.6
  }
}

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F8C62EF-1B67-456A-9C66-755439CF8556",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*",
              "matchCriteriaId": "33E9607B-4D28-460D-896B-E4B7FA22441E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A819E245-D641-4F19-9139-6C940504F6E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*",
              "matchCriteriaId": "81A31CA0-A209-4C49-AA06-C38E165E5B68",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7205475A-6D04-4042-B24E-1DA5A57029B7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "08022987-B36B-4F63-88A5-A8F59195DF4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*",
              "matchCriteriaId": "0AA563BF-A67A-477D-956A-167ABEF885C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF4B7557-EF35-451E-B55D-3296966695AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*",
              "matchCriteriaId": "6F1B937B-57E0-4E88-9E39-39012A924525",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "8980E61E-27BE-4858-82B3-C0E8128AF521",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8756BF9B-3E24-4677-87AE-31CE776541F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "88CE057E-2092-4C98-8D0C-75CF439D0A9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F194580-EE6D-4E38-87F3-F0661262256B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A9731BAA-4C6C-4259-B786-F577D8A90FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F74A421-D019-4248-84B8-C70D4D9A8A95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "05346F5A-FB52-4376-AAC7-9A5308216545",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "305688F2-50A6-41FB-8614-BC589DB9A789",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "D24AA431-C436-4AA5-85DF-B9AAFF2548FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "25966344-15D5-4101-9346-B06BFD2DFFF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "11F4CBAC-27B1-4EFF-955A-A63B457D0578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD55B338-9DBE-4643-ABED-A08964D3AF7C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D4F710E-06EA-48F4-AC6A-6F143950F015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C4936C2-0B2D-4C44-98C3-443090965F5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "48453405-2319-4327-9F4C-6F70B49452C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "49DD9544-6424-41A6-AEC0-EC19B8A10E71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "E4670E65-2E11-49A4-B661-57C2F60D411F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "5E8FF71D-4710-4FBB-9925-A6A26C450F7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "31002A23-4788-4BC7-AE11-A3C2AA31716D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "7144EDDF-8265-4642-8EEB-ED52527E0A26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF06B5C1-B9DD-4673-A101-56E1E593ACDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D731065-626B-4425-8E49-F708DD457824",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3D850EA-E537-42C8-93B9-96E15CB26747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "E037DA05-2BEF-4F64-B8BB-307247B6A05C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCAF1EB5-FB34-40FC-96ED-9D073890D8BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "D395D95B-1F4A-420E-A0F6-609360AF7B69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD221BA-0AB6-4972-8AD9-5D37AC07762F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "E55B6565-96CB-4F6A-9A80-C3FB82F30546",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "D3300AFE-49A4-4904-B9A0-5679F09FA01E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "ED5125CC-05F9-4678-90DB-A5C7CD24AE6F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B904C74-B92E-4EAE-AE6C-78E2B844C3DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA8A7333-B4C3-4876-AE01-62F2FD315504",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "92993E23-D805-407B-8B87-11CEEE8B212F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A11BD74-305C-41E2-95B1-5008EEF5FA5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*",
              "matchCriteriaId": "595442D0-9DB7-475A-AE30-8535B70E122E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B0BA92A-0BD3-4CE4-9465-95E949104BAC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*",
              "matchCriteriaId": "BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "C947E549-2459-4AFB-84A7-36BDA30B5F29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "67A0EA46-5AEA-4D0A-B89E-6560FA10EC08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8E9453E-BC9B-4F77-85FA-BA15AC55C245",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7EF0518-73F9-47DB-8946-A8334936BEFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*",
              "matchCriteriaId": "95AA8778-7833-4572-A71B-5FD89938CE94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*",
              "matchCriteriaId": "242E47CE-EF69-4F8F-AB40-5AF2811674CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*",
              "matchCriteriaId": "A225D4F7-174E-47C3-8390-C6FA28DB5A9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*",
              "matchCriteriaId": "CDA1555C-E55A-4E14-B786-BFEE3F09220B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BAC42AE-B82A-4ABF-9519-B2D97D925707",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8075E9A-DA7F-4A0B-8B4D-0CD951369111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "335A5320-6086-4B45-9903-82F6F92A584F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "46B33408-C2E2-4E7C-9334-6AB98F13468C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F036676-9EFB-4A92-828E-A38905D594E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9728EE8-6029-4DF3-942E-E4ACC09111A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "62DBB843-288C-4060-8777-6CDCF1860D29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "34E7DAC8-8419-45D1-A28F-14CF2FE1B6EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*",
              "matchCriteriaId": "89B87EB5-4902-4C2A-878A-45185F7D0FA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*",
              "matchCriteriaId": "C0596E6C-9ACE-4106-A2FF-BED7967C323F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F7158DC-966B-4508-8600-40E3E9D3D0DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*",
              "matchCriteriaId": "A190FE0D-86C1-49EE-BDAE-5879C32BDC92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA20F45F-01A2-43DD-9731-DFF54E31719F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7A728B-59DB-4EDE-8929-C91F4C410902",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "26889291-3280-4524-8F4A-9B22FF4600C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E4CAEBD-0F38-4892-9D0B-9D7392E0BCC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C4DA00-E47C-47BE-856C-7E0D4B0F9DAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:7.0.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "41FF234B-A9AD-4C51-8E9E-939DC8ECB64A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "4752862B-7D26-4285-B8A0-CF082C758353",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*",
              "matchCriteriaId": "58EA7199-3373-4F97-9907-3A479A02155E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "F963D737-2E95-4D7C-92C7-DACF3F36D1E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "2BBBC5EA-012C-4C5D-A61B-BAF134B300DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C4DB619-F6B0-4896-9AE2-7E7D92105577",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AFF96F96-34DB-4EB3-BF59-11220673FA26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "44883383-6360-4BE6-9B48-1308F85E5797",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E82391BD-10FF-4E7F-91DC-35AA11325530",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "92C22F12-C072-4A12-A4A9-CBF589A36FF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A776B25-6AF1-421B-8E47-2A7499F6B4D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A332FDE-42AE-4F48-9553-5AE953CD6D3A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "701424A2-BB06-44B5-B468-7164E4F95529",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "A63FA521-9D20-49B9-A9A4-0DF891B4E4E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F9A5B7E-33A9-4651-9BE1-371A0064B661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "F99252E8-A59C-48E1-B251-718D7FB3E399",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D05293B-B9D8-42F1-9367-9D2E058EFAD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "4E0DDEF6-A8EE-46C4-A046-A1F26E7C4E87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*",
              "matchCriteriaId": "14B38892-9C00-4510-B7BA-F2A8F2CACCAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C913AA6-2260-4249-BE1D-7139F45735D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "7409B064-D43E-489E-AEC6-0A767FB21737",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "F019268F-80C4-48FE-8164-E9DA0A3BAFF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFBD214-FCFE-4F04-A903-66EFDA764B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "425D86B3-6BB9-410D-8125-F7CF87290AD6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EE3BB0D-1002-41E4-9BE8-875D97330057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "25D0E80B-EDDA-4876-912D-44BFE6211EB0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "6622472B-8644-4D45-A54B-A215C3D64B83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "B338F95B-2924-435B-827F-E64420A93244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "209D1349-7740-4DBE-80A5-E6343C62BAB5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "09E77C24-C265-403D-A193-B3739713F6B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "28616FA3-9A98-4AAE-9F94-3E77A14156EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "335925DA-11C0-4222-B6B7-82602B361751",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "603A14BF-72BB-4A3D-8CBC-932DC45CEC06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C2E1C55-3C89-4F26-A981-1195BCC9BB5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC242407-A447-4ABD-8E19-EB6DB1F35121",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*",
              "matchCriteriaId": "31BB906B-812F-462C-9AEE-147C1418D865",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B701E17-D231-44ED-A46E-C67749A725B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.37:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8CAF2F7-D227-4F06-B0E6-533C5EDB105B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.38:*:*:*:*:*:*:*",
              "matchCriteriaId": "305B73CE-0224-4E73-8EB2-FC41A62FBA08",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.39:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0DBF476-D7BB-4FC8-89FE-FF0CD135E9BE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC866C53-0C6B-4D0B-A168-D3985B1CF0F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.41:*:*:*:*:*:*:*",
              "matchCriteriaId": "290B0787-49F1-41FB-9AFD-36646FB16CA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.42:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B741F4F-E52B-43CD-A9CC-6AC46B2DE111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.0.43:*:*:*:*:*:*:*",
              "matchCriteriaId": "BB7A8369-183D-4C00-B2B2-0F81DA153C4E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "69A7FC28-A0EC-4516-9776-700343D2F4DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "18814653-6D44-47D9-A2F5-89C5AFB255F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4D811A9-4988-4C11-AA27-F5BE2B93D8D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FAEF824D-7E95-4BC1-8DBB-787DCE595E21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "97F4A2B3-DB1D-4D0B-B5FF-7EE2A0D291BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "0B461D5A-1208-498F-B551-46C6D514AC2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "598E5D91-0165-4D55-9EDD-EBB5AAAD1172",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B6B61B7-09A3-41C8-8333-0417C14CC87E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "95A139BA-CD3C-42F5-88BA-BE7BE58246D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "876EADA5-60AD-4849-BE10-61C75AA75053",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "1814F8DE-2060-411F-9FCC-6EC42AF5663D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AF6DBF7-BB0A-4AE6-84DA-51428ACF47CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "A34F72ED-04FE-4EDE-BB18-BE8B1E99EEF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "3245C35C-02E7-46B9-A720-37D3C17AFDD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:8.5.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F4239A72-EFA1-49E3-8755-5961060F2198",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*",
              "matchCriteriaId": "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*",
              "matchCriteriaId": "89B129B2-FB6F-4EF9-BF12-E589A87996CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*",
              "matchCriteriaId": "8B6787B6-54A8-475E-BA1C-AB99334B2535",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone12:*:*:*:*:*:*",
              "matchCriteriaId": "EABB6FBC-7486-44D5-A6AD-FFF1D3F677E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone13:*:*:*:*:*:*",
              "matchCriteriaId": "E10C03BC-EE6B-45B2-83AE-9E8DFB58D7DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone14:*:*:*:*:*:*",
              "matchCriteriaId": "8A6DA0BE-908C-4DA8-A191-A0113235E99A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone15:*:*:*:*:*:*",
              "matchCriteriaId": "39029C72-28B4-46A4-BFF5-EC822CFB2A4C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone16:*:*:*:*:*:*",
              "matchCriteriaId": "1A2E05A3-014F-4C4D-81E5-88E725FBD6AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone17:*:*:*:*:*:*",
              "matchCriteriaId": "166C533C-0833-41D5-99B6-17A4FAB3CAF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone18:*:*:*:*:*:*",
              "matchCriteriaId": "D3768C60-21FA-4B92-B98C-C3A2602D1BC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone19:*:*:*:*:*:*",
              "matchCriteriaId": "DDD510FA-A2E4-4BAF-A0DE-F4E5777E9325",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*",
              "matchCriteriaId": "9F542E12-6BA8-4504-A494-DA83E7E19BD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone20:*:*:*:*:*:*",
              "matchCriteriaId": "C2409CC7-6A85-4A66-A457-0D62B9895DC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*",
              "matchCriteriaId": "C0C5F004-F7D8-45DB-B173-351C50B0EC16",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*",
              "matchCriteriaId": "D1902D2E-1896-4D3D-9E1C-3A675255072C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*",
              "matchCriteriaId": "49AAF4DF-F61D-47A8-8788-A21E317A145D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*",
              "matchCriteriaId": "454211D0-60A2-4661-AECA-4C0121413FEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*",
              "matchCriteriaId": "0686F977-889F-4960-8E0B-7784B73A7F2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*",
              "matchCriteriaId": "558703AE-DB5E-4DFF-B497-C36694DD7B24",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*",
              "matchCriteriaId": "ED6273F2-1165-47A4-8DD7-9E9B2472941B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method."
    },
    {
      "lang": "es",
      "value": "El mecanismo de p\u00e1gina de error en Java Servlet Specification requiere que, cuando ocurre un error y se configura una p\u00e1gina de error para ese fallo que ha ocurrido, la petici\u00f3n original y la respuesta se env\u00edan a la p\u00e1gina de error. Esto significa que la petici\u00f3n se presenta en la p\u00e1gina de error con el m\u00e9todo HTTP original. Si la p\u00e1gina de error es un archivo est\u00e1tico, el comportamiento esperado es que sirva contenido del archivo como si estuviese procesando una petici\u00f3n GET, independientemente del m\u00e9todo HTTP que se emplee realmente. El Servlet por defecto en Apache Tomcat 9.0.0.M1 a 9.0.0.M20, 8.5.0 a 8.5.14, 8.0.0.RC1 a 8.0.43 y 7.0.0 a 7.0.77 no hizo esto. Dependiendo de la petici\u00f3n original, esto podr\u00eda conducir a resultados inesperados y no deseados para p\u00e1ginas est\u00e1ticas de error incluyendo, si DefaultServlet se configura para permitir escrituras, el remplazo o eliminaci\u00f3n de la p\u00e1gina de error personalizada. Notas para otras p\u00e1ginas de error proporcionadas por el usuario: (1) A no se que se programe de otra forma, los JSPs ignoran el m\u00e9todo HTTP. Los JSP empleados como p\u00e1ginas de error deben asegurarse de que gestionan cualquier env\u00edo de errores como petici\u00f3n GET, independientemente del m\u00e9todo que se emplee realmente. (2) Por defecto, la respuesta que genera un Servlet depende del m\u00e9todo HTTP. Los Servlets personalizados empleados como p\u00e1ginas de error deben asegurarse de que gestionan cualquier env\u00edo de errores como petici\u00f3n GET, independientemente del m\u00e9todo que se emplee realmente."
    }
  ],
  "id": "CVE-2017-5664",
  "lastModified": "2024-11-21T03:28:08.370",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-06-06T14:29:00.937",
  "references": [
    {
      "source": "security@apache.org",
      "url": "http://www.debian.org/security/2017/dsa-3891"
    },
    {
      "source": "security@apache.org",
      "url": "http://www.debian.org/security/2017/dsa-3892"
    },
    {
      "source": "security@apache.org",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
    },
    {
      "source": "security@apache.org",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "security@apache.org",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
    },
    {
      "source": "security@apache.org",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "security@apache.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98888"
    },
    {
      "source": "security@apache.org",
      "url": "http://www.securitytracker.com/id/1038641"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1801"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1802"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:1809"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2493"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2494"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2633"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2635"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2636"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2637"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:2638"
    },
    {
      "source": "security@apache.org",
      "url": "https://access.redhat.com/errata/RHSA-2017:3080"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066%40%3Cannounce.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "security@apache.org",
      "url": "https://security.netapp.com/advisory/ntap-20171019-0002/"
    },
    {
      "source": "security@apache.org",
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us"
    },
    {
      "source": "security@apache.org",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
    },
    {
      "source": "security@apache.org",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3891"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2017/dsa-3892"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/98888"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1038641"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1801"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1802"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:1809"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2493"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2494"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2633"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2636"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2637"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:2638"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2017:3080"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066%40%3Cannounce.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.netapp.com/advisory/ntap-20171019-0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
    }
  ],
  "sourceIdentifier": "security@apache.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-755"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 9.0.0.M20"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "9.0.0.M1"
            },
            {
              "fixed": "9.0.0.M21"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 8.5.14"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.5.0"
            },
            {
              "fixed": "8.5.15"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 8.0.43"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "8.0.0"
            },
            {
              "fixed": "8.0.44"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 7.0.77"
      },
      "package": {
        "ecosystem": "Maven",
        "name": "org.apache.tomcat:tomcat"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "7.0.0"
            },
            {
              "fixed": "7.0.78"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2017-5664"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-755"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2022-07-01T11:52:17Z",
    "nvd_published_at": "2017-06-06T14:29:00Z",
    "severity": "HIGH"
  },
  "details": "The error page mechanism of the Java Servlet Specification requires that, when an error occurs and an error page is configured for the error that occurred, the original request and response are forwarded to the error page. This means that the request is presented to the error page with the original HTTP method. If the error page is a static file, expected behaviour is to serve content of the file as if processing a GET request, regardless of the actual HTTP method. The Default Servlet in Apache Tomcat 9.0.0.M1 to 9.0.0.M20, 8.5.0 to 8.5.14, 8.0.0.RC1 to 8.0.43 and 7.0.0 to 7.0.77 did not do this. Depending on the original request this could lead to unexpected and undesirable results for static error pages including, if the DefaultServlet is configured to permit writes, the replacement or removal of the custom error page. Notes for other user provided error pages: (1) Unless explicitly coded otherwise, JSPs ignore the HTTP method. JSPs used as error pages must must ensure that they handle any error dispatch as a GET request, regardless of the actual method. (2) By default, the response generated by a Servlet does depend on the HTTP method. Custom Servlets used as error pages must ensure that they handle any error dispatch as a GET request, regardless of the actual method.",
  "id": "GHSA-jmvv-524f-hj5j",
  "modified": "2024-02-22T22:24:32Z",
  "published": "2022-05-13T01:46:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-5664"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat80/commit/e070a31ec81b56377822e44883c64abb41f36a3b"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat80/commit/25d3c0d93190ef165ecd6c744bc15b5059abfa8f"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/7d93527254d9e9371b342800617f20d13c8b85ad"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/58b32048ce25cb812ae394dafb0cd57254c68155"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/4545dcce444aa619374a659cb450dbbd0be3c921"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/3bfe9fb886598c4d8ecbe674216152006bbce456"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/3242efea525df01d15da6e90ea69a9a21b10b454"
    },
    {
      "type": "WEB",
      "url": "https://github.com/apache/tomcat/commit/29893e66111d33cfe99dd01cb146317c0c262ef4"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066@%3Cannounce.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/a42c48e37398d76334e17089e43ccab945238b8b7896538478d76066%40%3Cannounce.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1801"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://security.netapp.com/advisory/ntap-20171019-0002"
    },
    {
      "type": "WEB",
      "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03828en_us"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20170801120345/http://www.securitytracker.com/id/1038641"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20170805032345/http://www.securityfocus.com/bid/98888"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
    },
    {
      "type": "WEB",
      "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1802"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:1809"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2493"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2494"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2633"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2635"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2636"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2637"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:2638"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2017:3080"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/apache/tomcat"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3891"
    },
    {
      "type": "WEB",
      "url": "http://www.debian.org/security/2017/dsa-3892"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
    },
    {
      "type": "WEB",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Improper Handling of Exceptional Conditions in Apache Tomcat"
}