{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-06-21T00:00:00", "descriptions": [{"lang": "en", "value": "The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-17T07:06:23", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "JVNDB-2016-000121", "tags": ["third-party-advisory", "x_refsource_JVNDB"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20190212-0001/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743480"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "GLSA-201705-09", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201705-09"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743738"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://tomcat.apache.org/security-9.html"}, {"name": "USN-3024-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3024-1"}, {"name": "RHSA-2016:2069", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2069.html"}, {"name": "1037029", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037029"}, {"name": "RHSA-2016:2068", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2068.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://tomcat.apache.org/security-7.html"}, {"name": "1036900", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036900"}, {"name": "91453", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/91453"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://tomcat.apache.org/security-8.html"}, {"name": "RHSA-2016:2072", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2072.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743722"}, {"name": "DSA-3611", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3611"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371"}, {"name": "RHSA-2016:2807", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2807.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"name": "openSUSE-SU-2016:2252", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html"}, {"name": "JVN#89379547", "tags": ["third-party-advisory", "x_refsource_JVN"], "url": "http://jvn.jp/en/jp/JVN89379547/index.html"}, {"name": "1036427", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1036427"}, {"name": "RHSA-2016:2070", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2070.html"}, {"name": "RHSA-2017:0457", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"}, {"name": "RHSA-2016:2808", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2808.html"}, {"name": "1039606", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039606"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743742"}, {"name": "RHSA-2016:2599", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2599.html"}, {"name": "DSA-3609", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3609"}, {"name": "RHSA-2017:0455", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:0455"}, {"name": "DSA-3614", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3614"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"name": "[dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E"}, {"name": "RHSA-2017:0456", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:0456"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349468"}, {"name": "RHSA-2016:2071", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2071.html"}, {"name": "USN-3027-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-3027-1"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"name": "GLSA-202107-39", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/202107-39"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-3092", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "JVNDB-2016-000121", "refsource": "JVNDB", "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121"}, {"name": "https://security.netapp.com/advisory/ntap-20190212-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20190212-0001/"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759"}, {"name": "http://svn.apache.org/viewvc?view=revision&revision=1743480", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision&revision=1743480"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "GLSA-201705-09", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201705-09"}, {"name": "http://svn.apache.org/viewvc?view=revision&revision=1743738", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision&revision=1743738"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840"}, {"name": "http://tomcat.apache.org/security-9.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-9.html"}, {"name": "USN-3024-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3024-1"}, {"name": "RHSA-2016:2069", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2069.html"}, {"name": "1037029", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037029"}, {"name": "RHSA-2016:2068", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2068.html"}, {"name": "http://tomcat.apache.org/security-7.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-7.html"}, {"name": "1036900", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036900"}, {"name": "91453", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91453"}, {"name": "http://tomcat.apache.org/security-8.html", "refsource": "CONFIRM", "url": "http://tomcat.apache.org/security-8.html"}, {"name": "RHSA-2016:2072", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2072.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"}, {"name": "http://svn.apache.org/viewvc?view=revision&revision=1743722", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision&revision=1743722"}, {"name": "DSA-3611", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3611"}, {"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371"}, {"name": "RHSA-2016:2807", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2807.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"name": "openSUSE-SU-2016:2252", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html"}, {"name": "JVN#89379547", "refsource": "JVN", "url": "http://jvn.jp/en/jp/JVN89379547/index.html"}, {"name": "1036427", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036427"}, {"name": "RHSA-2016:2070", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2070.html"}, {"name": "RHSA-2017:0457", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"}, {"name": "RHSA-2016:2808", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2808.html"}, {"name": "1039606", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039606"}, {"name": "http://svn.apache.org/viewvc?view=revision&revision=1743742", "refsource": "CONFIRM", "url": "http://svn.apache.org/viewvc?view=revision&revision=1743742"}, {"name": "RHSA-2016:2599", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2599.html"}, {"name": "DSA-3609", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3609"}, {"name": "RHSA-2017:0455", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0455"}, {"name": "DSA-3614", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3614"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"name": "[dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability", "refsource": "MLIST", "url": "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E"}, {"name": "RHSA-2017:0456", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0456"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1349468", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349468"}, {"name": "RHSA-2016:2071", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2071.html"}, {"name": "USN-3027-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3027-1"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"}, {"name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"name": "GLSA-202107-39", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202107-39"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T23:40:15.604Z"}, "title": "CVE Program Container", "references": [{"name": "JVNDB-2016-000121", "tags": ["third-party-advisory", "x_refsource_JVNDB", "x_transferred"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20190212-0001/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743480"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "GLSA-201705-09", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201705-09"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743738"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://tomcat.apache.org/security-9.html"}, {"name": "USN-3024-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3024-1"}, {"name": "RHSA-2016:2069", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2069.html"}, {"name": "1037029", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037029"}, {"name": "RHSA-2016:2068", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2068.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://tomcat.apache.org/security-7.html"}, {"name": "1036900", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1036900"}, {"name": "91453", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/91453"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://tomcat.apache.org/security-8.html"}, {"name": "RHSA-2016:2072", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2072.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743722"}, {"name": "DSA-3611", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3611"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371"}, {"name": "RHSA-2016:2807", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2807.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"name": "openSUSE-SU-2016:2252", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html"}, {"name": "JVN#89379547", "tags": ["third-party-advisory", "x_refsource_JVN", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN89379547/index.html"}, {"name": "1036427", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1036427"}, {"name": "RHSA-2016:2070", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2070.html"}, {"name": "RHSA-2017:0457", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"}, {"name": "RHSA-2016:2808", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2808.html"}, {"name": "1039606", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039606"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743742"}, {"name": "RHSA-2016:2599", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2599.html"}, {"name": "DSA-3609", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3609"}, {"name": "RHSA-2017:0455", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:0455"}, {"name": "DSA-3614", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3614"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"name": "[dev] 20160621 CVE-2016-3092: Apache Commons Fileupload information disclosure vulnerability", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E"}, {"name": "RHSA-2017:0456", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:0456"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349468"}, {"name": "RHSA-2016:2071", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-2071.html"}, {"name": "USN-3027-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-3027-1"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"name": "GLSA-202107-39", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/202107-39"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-3092", "datePublished": "2016-07-04T22:00:00", "dateReserved": "2016-03-10T00:00:00", "dateUpdated": "2024-08-05T23:40:15.604Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:hp:icewall_identity_manager:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "EE418D71-EAD6-4BB6-B6D6-88CE0FFA5A53", "vulnerable": true}, {"criteria": "cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "531FE660-C1A9-4C83-90BE-E38AA493D4F7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*", "matchCriteriaId": "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*", "matchCriteriaId": "C0C5F004-F7D8-45DB-B173-351C50B0EC16", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*", "matchCriteriaId": "D1902D2E-1896-4D3D-9E1C-3A675255072C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*", "matchCriteriaId": "454211D0-60A2-4661-AECA-4C0121413FEB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc1:*:*:*:*:*:*", "matchCriteriaId": "4752862B-7D26-4285-B8A0-CF082C758353", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc10:*:*:*:*:*:*", "matchCriteriaId": "58EA7199-3373-4F97-9907-3A479A02155E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc2:*:*:*:*:*:*", "matchCriteriaId": "4693BD36-E522-4C8E-9667-8F3E14A05EF3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:rc5:*:*:*:*:*:*", "matchCriteriaId": "2BBBC5EA-012C-4C5D-A61B-BAF134B300DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AFF96F96-34DB-4EB3-BF59-11220673FA26", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "61E008F8-2F01-4DD8-853A-337B4B4163C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "701424A2-BB06-44B5-B468-7164E4F95529", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "8F9A5B7E-33A9-4651-9BE1-371A0064B661", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "F99252E8-A59C-48E1-B251-718D7FB3E399", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "4E0DDEF6-A8EE-46C4-A046-A1F26E7C4E87", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "14B38892-9C00-4510-B7BA-F2A8F2CACCAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "7409B064-D43E-489E-AEC6-0A767FB21737", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "F019268F-80C4-48FE-8164-E9DA0A3BAFF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "1EFBD214-FCFE-4F04-A903-66EFDA764B9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "425D86B3-6BB9-410D-8125-F7CF87290AD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "3EE3BB0D-1002-41E4-9BE8-875D97330057", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "6622472B-8644-4D45-A54B-A215C3D64B83", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "B338F95B-2924-435B-827F-E64420A93244", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*", "matchCriteriaId": "209D1349-7740-4DBE-80A5-E6343C62BAB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "09E77C24-C265-403D-A193-B3739713F6B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "28616FA3-9A98-4AAE-9F94-3E77A14156EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*", "matchCriteriaId": "603A14BF-72BB-4A3D-8CBC-932DC45CEC06", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "4C2E1C55-3C89-4F26-A981-1195BCC9BB5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "31BB906B-812F-462C-9AEE-147C1418D865", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "69A7FC28-A0EC-4516-9776-700343D2F4DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D4D811A9-4988-4C11-AA27-F5BE2B93D8D4", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:commons_fileupload:*:*:*:*:*:*:*:*", "matchCriteriaId": "63CCC942-8906-421A-A1C8-E105B54912D5", "versionEndIncluding": "1.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "matchCriteriaId": "E88A537F-F4D0-46B9-9E37-965233C2A355", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F8C62EF-1B67-456A-9C66-755439CF8556", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.0:beta:*:*:*:*:*:*", "matchCriteriaId": "33E9607B-4D28-460D-896B-E4B7FA22441E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A819E245-D641-4F19-9139-6C940504F6E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.2:beta:*:*:*:*:*:*", "matchCriteriaId": "81A31CA0-A209-4C49-AA06-C38E165E5B68", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "08022987-B36B-4F63-88A5-A8F59195DF4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.4:beta:*:*:*:*:*:*", "matchCriteriaId": "0AA563BF-A67A-477D-956A-167ABEF885C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FF4B7557-EF35-451E-B55D-3296966695AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.5:beta:*:*:*:*:*:*", "matchCriteriaId": "6F1B937B-57E0-4E88-9E39-39012A924525", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "8980E61E-27BE-4858-82B3-C0E8128AF521", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "88CE057E-2092-4C98-8D0C-75CF439D0A9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A9731BAA-4C6C-4259-B786-F577D8A90FA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "1F74A421-D019-4248-84B8-C70D4D9A8A95", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "305688F2-50A6-41FB-8614-BC589DB9A789", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "25966344-15D5-4101-9346-B06BFD2DFFF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "0D4F710E-06EA-48F4-AC6A-6F143950F015", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "2C4936C2-0B2D-4C44-98C3-443090965F5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "48453405-2319-4327-9F4C-6F70B49452C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "49DD9544-6424-41A6-AEC0-EC19B8A10E71", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "E4670E65-2E11-49A4-B661-57C2F60D411F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "31002A23-4788-4BC7-AE11-A3C2AA31716D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "7144EDDF-8265-4642-8EEB-ED52527E0A26", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "DF06B5C1-B9DD-4673-A101-56E1E593ACDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", "matchCriteriaId": "7D731065-626B-4425-8E49-F708DD457824", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "B3D850EA-E537-42C8-93B9-96E15CB26747", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "E037DA05-2BEF-4F64-B8BB-307247B6A05C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", "matchCriteriaId": "D395D95B-1F4A-420E-A0F6-609360AF7B69", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "9BD221BA-0AB6-4972-8AD9-5D37AC07762F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "E55B6565-96CB-4F6A-9A80-C3FB82F30546", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "D3300AFE-49A4-4904-B9A0-5679F09FA01E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", "matchCriteriaId": "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", "matchCriteriaId": "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", "matchCriteriaId": "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", "matchCriteriaId": "DA8A7333-B4C3-4876-AE01-62F2FD315504", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", "matchCriteriaId": "92993E23-D805-407B-8B87-11CEEE8B212F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", "matchCriteriaId": "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", "matchCriteriaId": "C947E549-2459-4AFB-84A7-36BDA30B5F29", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", "matchCriteriaId": "5D55DF79-F9BE-4907-A4D8-96C4B11189ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", "matchCriteriaId": "14AB5787-82D7-4F78-BE93-4556AB7A7D0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", "matchCriteriaId": "F8E9453E-BC9B-4F77-85FA-BA15AC55C245", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", "matchCriteriaId": "A7EF0518-73F9-47DB-8946-A8334936BEFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", "matchCriteriaId": "95AA8778-7833-4572-A71B-5FD89938CE94", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", "matchCriteriaId": "242E47CE-EF69-4F8F-AB40-5AF2811674CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*", "matchCriteriaId": "CDA1555C-E55A-4E14-B786-BFEE3F09220B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*", "matchCriteriaId": "F8075E9A-DA7F-4A0B-8B4D-0CD951369111", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*", "matchCriteriaId": "335A5320-6086-4B45-9903-82F6F92A584F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*", "matchCriteriaId": "46B33408-C2E2-4E7C-9334-6AB98F13468C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*", "matchCriteriaId": "9F036676-9EFB-4A92-828E-A38905D594E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*", "matchCriteriaId": "E9728EE8-6029-4DF3-942E-E4ACC09111A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*", "matchCriteriaId": "34E7DAC8-8419-45D1-A28F-14CF2FE1B6EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*", "matchCriteriaId": "89B87EB5-4902-4C2A-878A-45185F7D0FA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*", "matchCriteriaId": "C0596E6C-9ACE-4106-A2FF-BED7967C323F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string."}, {"lang": "es", "value": "La clase MultipartStream en Apache Commons Fileupload en versiones anteriores a 1.3.2, tal como se utiliza en Apache Tomcat 7.x en versiones anteriores a 7.0.70, 8.x en versiones anteriores a 8.0.36, 8.5.x en versiones anteriores a 8.5.3 y 9.x en versiones anteriores a 9.0.0.M7 y otros productos, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (consumo de CPU) a trav\u00e9s de una cadena de l\u00edmite largo."}], "id": "CVE-2016-3092", "lastModified": "2023-12-08T16:41:18.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-07-04T22:59:04.303", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://jvn.jp/en/jp/JVN89379547/index.html"}, {"source": "secalert@redhat.com", "tags": ["VDB Entry", "Vendor Advisory"], "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2016-000121"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-09/msg00025.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List"], "url": "http://mail-archives.apache.org/mod_mbox/commons-dev/201606.mbox/%3CCAF8HOZ%2BPq2QH8RnxBuJyoK1dOz6jrTiQypAC%2BH8g6oZkBg%2BCxg%40mail.gmail.com%3E"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2068.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2069.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2070.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2071.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2072.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2599.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2807.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-2808.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"}, {"source": "secalert@redhat.com", "url": "http://svn.apache.org/viewvc?view=revision&revision=1743480"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743722"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743738"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://svn.apache.org/viewvc?view=revision&revision=1743742"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://tomcat.apache.org/security-7.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://tomcat.apache.org/security-8.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://tomcat.apache.org/security-9.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3609"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3611"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2016/dsa-3614"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/91453"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1036427"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1036900"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1037029"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1039606"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3024-1"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-3027-1"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2017:0455"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2017:0456"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349468"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Permissions Required", "Third Party Advisory"], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05204371"}, {"source": "secalert@redhat.com", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05289840"}, {"source": "secalert@redhat.com", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05324759"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201705-09"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/202107-39"}, {"source": "secalert@redhat.com", "url": "https://security.netapp.com/advisory/ntap-20190212-0001/"}, {"source": "secalert@redhat.com", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"source": "secalert@redhat.com", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2016:2599", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "tomcat-0:7.0.69-10.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2016-11-03T00:00:00Z"}, {"advisory": "RHSA-2016:2071", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "apache-cxf-0:2.7.18-4.SP3_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hornetq-0:2.3.25-16.SP14_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-appclient-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-appclient-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-bundles-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cli-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-client-all-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-clustering-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cmp-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-configadmin-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-connector-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-client-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-core-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-core-security-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-repository-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-scanner-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-domain-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-http-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-management-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-deployment-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ejb3-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-embedded-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-host-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jacorb-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-javadocs-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxr-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxrs-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jdr-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jmx-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jpa-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsf-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsr77-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-logging-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-mail-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-management-client-content-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-messaging-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-modcluster-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-modules-eap-0:7.5.11-2.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-naming-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-network-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-configadmin-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-service-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-picketlink-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-platform-mbean-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-pojo-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-process-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-product-eap-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-protocol-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-remoting-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-sar-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-security-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-server-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-standalone-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-system-jmx-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-threads-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-transactions-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-version-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-web-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-webservices-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-welcome-content-eap-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-weld-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-xts-0:7.5.11-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-remote-naming-0:1.0.13-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossts-1:4.17.35-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossweb-0:7.5.19-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "picketlink-bindings-0:2.5.4-13.SP11_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2070", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "picketlink-federation-0:2.5.4-13.SP11_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "apache-cxf-0:2.7.18-4.SP3_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hornetq-0:2.3.25-16.SP14_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-appclient-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-appclient-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-bundles-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cli-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-client-all-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-clustering-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cmp-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-configadmin-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-connector-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-client-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-core-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-core-security-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-repository-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-scanner-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-domain-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-http-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-management-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-deployment-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ejb3-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-embedded-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-host-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jacorb-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-javadocs-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxr-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxrs-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jdr-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jmx-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jpa-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsf-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsr77-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-logging-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-mail-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-management-client-content-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-messaging-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-modcluster-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-modules-eap-0:7.5.11-2.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-naming-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-network-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-configadmin-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-service-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-picketlink-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-platform-mbean-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-pojo-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-process-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-product-eap-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-protocol-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-remoting-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-sar-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-security-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-server-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-standalone-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-system-jmx-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-threads-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-transactions-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-version-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-web-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-webservices-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-welcome-content-eap-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-weld-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-xts-0:7.5.11-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-remote-naming-0:1.0.13-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossts-1:4.17.35-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossweb-0:7.5.19-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "picketlink-bindings-0:2.5.4-13.SP11_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2068", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "picketlink-federation-0:2.5.4-13.SP11_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2072", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-ec2-eap-0:7.5.11-1.Final_redhat_1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "apache-cxf-0:2.7.18-4.SP3_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hornetq-0:2.3.25-16.SP14_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-appclient-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-appclient-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-bundles-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cli-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-client-all-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-clustering-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cmp-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-configadmin-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-connector-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-client-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-core-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-core-security-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-repository-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-scanner-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-domain-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-http-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-management-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-deployment-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ejb3-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-embedded-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-host-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jacorb-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-javadocs-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxr-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxrs-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jdr-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jmx-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jpa-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsf-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsr77-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-logging-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-mail-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-management-client-content-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-messaging-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-modcluster-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-modules-eap-0:7.5.11-2.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-naming-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-network-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-configadmin-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-service-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-picketlink-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-platform-mbean-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-pojo-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-process-controller-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-product-eap-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-protocol-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-remoting-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-sar-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-security-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-server-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-standalone-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-system-jmx-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-threads-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-transactions-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-version-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-web-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-webservices-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-welcome-content-eap-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-weld-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-xts-0:7.5.11-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-remote-naming-0:1.0.13-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossts-1:4.17.35-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossweb-0:7.5.19-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "picketlink-bindings-0:2.5.4-13.SP11_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2069", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "picketlink-federation-0:2.5.4-13.SP11_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-10-17T00:00:00Z"}, {"advisory": "RHSA-2016:2807", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el6", "package": "tomcat7-0:7.0.54-23_patch_05.ep6.el6", "product_name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 6", "release_date": "2016-11-17T00:00:00Z"}, {"advisory": "RHSA-2016:2807", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2::el7", "package": "tomcat7-0:7.0.54-23_patch_05.ep6.el7", "product_name": "Red Hat JBoss Enterprise Web Server 2 for RHEL 7", "release_date": "2016-11-17T00:00:00Z"}, {"advisory": "RHSA-2016:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2.1", "package": "tomcat7", "product_name": "Red Hat JBoss Web Server 2.1", "release_date": "2016-11-17T00:00:00Z"}, {"advisory": "RHSA-2017:0457", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1", "product_name": "Red Hat JBoss Web Server 3.1", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "hibernate4-eap6-0:4.2.23-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "jbcs-httpd24-0:1-3.jbcs.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "jbcs-httpd24-apache-commons-daemon-0:1.0.15-1.redhat_2.1.jbcs.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.0.15-17.redhat_2.jbcs.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "mod_cluster-0:1.3.5-2.Final_redhat_2.1.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat7-0:7.0.70-16.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat8-0:8.0.36-17.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat-native-0:1.2.8-9.redhat_9.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat-vault-0:1.0.8-9.Final_redhat_2.1.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "hibernate4-eap6-0:4.2.23-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "jbcs-httpd24-0:1-3.jbcs.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "jbcs-httpd24-apache-commons-daemon-0:1.0.15-1.redhat_2.1.jbcs.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.0.15-17.redhat_2.jbcs.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "mod_cluster-0:1.3.5-2.Final_redhat_2.1.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat7-0:7.0.70-16.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat8-0:8.0.36-17.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat-native-0:1.2.8-9.redhat_9.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat-vault-0:1.0.8-9.Final_redhat_2.1.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}], "bugzilla": {"description": "tomcat: Usage of vulnerable FileUpload package can result in denial of service", "id": "1349468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1349468"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-20", "details": ["The MultipartStream class in Apache Commons Fileupload before 1.3.2, as used in Apache Tomcat 7.x before 7.0.70, 8.x before 8.0.36, 8.5.x before 8.5.3, and 9.x before 9.0.0.M7 and other products, allows remote attackers to cause a denial of service (CPU consumption) via a long boundary string.", "A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file if the boundary was the typical tens of bytes long."], "name": "CVE-2016-3092", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "tomcat5", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "tomcat6", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:6", "fix_state": "Affected", "package_name": "jbossweb", "product_name": "Red Hat JBoss Data Grid 6"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Affected", "package_name": "jbossweb", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:4", "fix_state": "Not affected", "package_name": "jbossweb", "product_name": "Red Hat JBoss Enterprise Application Platform 4"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "fix_state": "Not affected", "package_name": "jbossweb", "product_name": "Red Hat JBoss Enterprise Application Platform 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "tomcat5", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "tomcat6", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2", "fix_state": "Not affected", "package_name": "tomcat6", "product_name": "Red Hat JBoss Enterprise Web Server 2"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3", "fix_state": "Affected", "package_name": "tomcat7", "product_name": "Red Hat JBoss Enterprise Web Server 3"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3", "fix_state": "Affected", "package_name": "tomcat8", "product_name": "Red Hat JBoss Enterprise Web Server 3"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Affected", "package_name": "jbossweb", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Affected", "package_name": "jbossweb", "product_name": "Red Hat JBoss Operations Network 3"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:6", "fix_state": "Affected", "package_name": "jbossweb", "product_name": "Red Hat JBoss Portal 6"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "rh-java-common-tomcat", "product_name": "Red Hat Software Collections"}], "public_date": "2016-06-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-3092\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-3092\nhttp://tomcat.apache.org/security-7.html\nhttp://tomcat.apache.org/security-8.html"], "threat_severity": "Moderate", "upstream_fix": "tomcat 7.0.70, tomcat 8.5.3, tomcat 8.0.36"}