{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-06-26T00:00:00", "descriptions": [{"lang": "en", "value": "org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "RHSA-2014:0798", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0798.html"}, {"name": "1032017", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032017"}, {"name": "RHSA-2015:0765", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"}, {"name": "RHSA-2015:0675", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"}, {"name": "RHSA-2015:0720", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"}, {"name": "RHSA-2014:0797", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0797.html"}, {"name": "redhat-jeap-cve20143481-info-disc(94939)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94939"}, {"name": "RHSA-2014:0799", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0799.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1105242"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2014-3481", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2014:0798", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0798.html"}, {"name": "1032017", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032017"}, {"name": "RHSA-2015:0765", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"}, {"name": "RHSA-2015:0675", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"}, {"name": "RHSA-2015:0720", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"}, {"name": "RHSA-2014:0797", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0797.html"}, {"name": "redhat-jeap-cve20143481-info-disc(94939)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94939"}, {"name": "RHSA-2014:0799", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2014-0799.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1105242", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1105242"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:43:06.387Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2014:0798", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0798.html"}, {"name": "1032017", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032017"}, {"name": "RHSA-2015:0765", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"}, {"name": "RHSA-2015:0675", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"}, {"name": "RHSA-2015:0720", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"}, {"name": "RHSA-2014:0797", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0797.html"}, {"name": "redhat-jeap-cve20143481-info-disc(94939)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94939"}, {"name": "RHSA-2014:0799", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-0799.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1105242"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3481", "datePublished": "2014-07-07T14:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-08-06T10:43:06.387Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "43A9F1F7-0989-4F56-9A42-90D5E5D94933", "versionEndIncluding": "6.2.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B142ACCC-F7A9-4A3B-BE60-0D6691D5058D", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6F94D102-60EA-4C47-9A39-DAE4704044DD", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF680478-162A-4F7B-B9BA-C407FA3C0EEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "82B6C055-25E2-4C78-ACA7-D722848BDBC4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "274B01DE-9D76-4E28-956F-1C0D03473EE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "7D9B1401-1FBD-442A-9055-A270BF1A1244", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue."}, {"lang": "es", "value": "org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor en Red Hat JBoss Enterprise Application Platform (JEAP) anterior a 6.2.4 habilita la expansi\u00f3n de entidad, lo que permite a atacantes remotos leer ficheros arbitrarios a trav\u00e9s de vectores no especificados, relacionado con un problema de entidad externa XML (XXE)."}], "id": "CVE-2014-3481", "lastModified": "2017-08-29T01:34:45.983", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-07T14:55:03.973", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-0797.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-0798.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-0799.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0675.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0720.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-0765.html"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1032017"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1105242"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94939"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Red Hat JBoss Enterprise Application Platform QE team.", "affected_release": [{"advisory": "RHSA-2014:0895", "cpe": "cpe:/a:redhat:jboss_data_grid:6.3.0", "product_name": "Red Hat JBoss Data Grid 6.3", "release_date": "2014-07-16T00:00:00Z"}, {"advisory": "RHSA-2015:0765", "cpe": "cpe:/a:redhat:jboss_data_virtualization:6.0", "package": "jboss-as-jaxrs", "product_name": "Red Hat JBoss Data Virtualization 6.0", "release_date": "2015-03-31T00:00:00Z"}, {"advisory": "RHSA-2015:0675", "cpe": "cpe:/a:redhat:jboss_data_virtualization:6.1", "product_name": "Red Hat JBoss Data Virtualization 6.1", "release_date": "2015-03-11T00:00:00Z"}, {"advisory": "RHSA-2014:0797", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.2.4", "package": "jboss-as-jaxrs", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "apache-cxf-0:2.7.11-3.redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hibernate4-eap6-0:4.2.7-9.SP5_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-aesh-0:0.33.12-1.redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-appclient-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-appclient-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-bundles-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cli-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-client-all-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-clustering-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cmp-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-configadmin-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-connector-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-client-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-core-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-core-security-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-repository-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-scanner-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-domain-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-http-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-management-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-deployment-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ejb3-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-embedded-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-host-controller-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jacorb-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-javadocs-0:7.3.4-1.Final_redhat_1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxr-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxrs-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jdr-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jmx-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jpa-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsf-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsr77-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-logging-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-mail-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-management-client-content-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-messaging-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-modcluster-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-modules-eap-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-naming-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-network-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-configadmin-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-service-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-platform-mbean-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-pojo-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-process-controller-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-product-eap-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-protocol-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-remoting-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-sar-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-security-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-server-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-standalone-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-system-jmx-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-threads-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-transactions-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-version-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-web-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-webservices-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-welcome-content-eap-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-weld-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-xts-0:7.3.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-security-negotiation-0:2.2.10-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossts-1:4.17.15-5.Final_redhat_5.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossweb-0:7.3.2-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-xnio-base-0:3.0.10-1.GA_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "picketbox-0:4.0.19-8.SP8_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "resteasy-0:2.3.7.2-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "weld-core-0:1.1.17-4.SP3_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0798", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "wss4j-0:1.6.15-1.redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 5", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "apache-cxf-0:2.7.11-3.redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hibernate4-eap6-0:4.2.7-9.SP5_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-aesh-0:0.33.12-1.redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-appclient-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-appclient-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-bundles-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cli-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-client-all-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-clustering-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cmp-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-configadmin-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-connector-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-client-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-core-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-core-security-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-repository-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-scanner-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-domain-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-http-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-management-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-deployment-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ejb3-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-embedded-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-host-controller-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jacorb-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-javadocs-0:7.3.4-1.Final_redhat_1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxr-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxrs-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jdr-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jmx-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jpa-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsf-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsr77-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-logging-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-mail-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-management-client-content-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-messaging-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-modcluster-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-modules-eap-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-naming-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-network-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-configadmin-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-service-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-platform-mbean-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-pojo-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-process-controller-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-product-eap-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-protocol-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-remoting-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-sar-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-security-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-server-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-standalone-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-system-jmx-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-threads-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-transactions-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-version-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-web-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-webservices-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-welcome-content-eap-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-weld-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-xts-0:7.3.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-security-negotiation-0:2.2.10-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossts-1:4.17.15-5.Final_redhat_5.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossweb-0:7.3.2-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-xnio-base-0:3.0.10-1.GA_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "picketbox-0:4.0.19-8.SP8_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "resteasy-0:2.3.7.2-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "weld-core-0:1.1.17-4.SP3_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2014:0799", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "wss4j-0:1.6.15-1.redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.2 for RHEL 6", "release_date": "2014-06-26T00:00:00Z"}, {"advisory": "RHSA-2015:0720", "cpe": "cpe:/a:redhat:jboss_fuse_service_works:6.0", "package": "jboss-as-jaxrs", "product_name": "Red Hat JBoss Fuse Service Works 6.0", "release_date": "2015-03-24T00:00:00Z"}, {"advisory": "RHSA-2014:1904", "cpe": "cpe:/a:redhat:jboss_operations_network:3.3", "package": "jboss-as-jaxrs", "product_name": "Red Hat JBoss Operations Network 3.3", "release_date": "2014-11-25T00:00:00Z"}, {"advisory": "RHSA-2015:1009", "cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:6.2", "package": "jboss-as-jaxrs", "product_name": "Red Hat JBoss Portal 6.2", "release_date": "2015-05-14T00:00:00Z"}], "bugzilla": {"description": "JAX-RS: Information disclosure via XML eXternal Entity (XXE)", "id": "1105242", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1105242"}, "csaw": false, "cvss": {"cvss_base_score": "5.0", "cvss_scoring_vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "status": "verified"}, "cwe": "CWE-611", "details": ["org.jboss.as.jaxrs.deployment.JaxrsIntegrationProcessor in Red Hat JBoss Enterprise Application Platform (JEAP) before 6.2.4 enables entity expansion, which allows remote attackers to read arbitrary files via unspecified vectors, related to an XML External Entity (XXE) issue.", "It was found that the default context parameters as provided to RESTEasy deployments by JBoss EAP did not explicitly disable external entity expansion for RESTEasy. A remote attacker could use this flaw to perform XML External Entity (XXE) attacks on RESTEasy applications accepting XML input."], "name": "CVE-2014-3481", "package_state": [{"cpe": "cpe:/a:redhat:jboss_data_grid:6", "fix_state": "Affected", "package_name": "jboss-as-jaxrs", "product_name": "Red Hat JBoss Data Grid 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "others", "product_name": "Red Hat JBoss Enterprise Web Server 1"}], "public_date": "2014-06-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-3481\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-3481"], "threat_severity": "Moderate", "upstream_fix": "jboss-as-jaxrs-7.3.4.Final-redhat 1, WildFly 9.0.0.Beta1"}