{"containers": {"cna": {"affected": [{"product": "Apache Tomcat", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "9.0.0.M1 to 9.0.0.M11"}, {"status": "affected", "version": "8.5.0 to 8.5.6"}, {"status": "affected", "version": "8.0.0.RC1 to 8.0.38"}, {"status": "affected", "version": "7.0.0 to 7.0.72"}, {"status": "affected", "version": "6.0.0 to 6.0.47"}, {"status": "affected", "version": "Earlier, unsupported versions may also be affected."}]}], "datePublic": "2016-11-08T00:00:00", "descriptions": [{"lang": "en", "value": "The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own."}], "problemTypes": [{"descriptions": [{"description": "character validation bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-10-05T21:06:19", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"name": "RHSA-2017:0250", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"}, {"name": "41783", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/41783/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13"}, {"name": "94461", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/94461"}, {"name": "DSA-3738", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3738"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73"}, {"name": "RHSA-2017:0244", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"name": "RHSA-2017:0935", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:0935"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20180607-0001/"}, {"name": "RHSA-2017:0457", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"}, {"name": "RHSA-2017:0246", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"}, {"name": "1037332", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1037332"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48"}, {"name": "RHSA-2017:0455", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:0455"}, {"name": "RHSA-2017:0527", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0527.html"}, {"name": "RHSA-2017:0245", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"}, {"name": "RHSA-2017:0456", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:0456"}, {"name": "RHSA-2017:0247", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"}, {"name": "USN-4557-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4557-1/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2016-6816", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Tomcat", "version": {"version_data": [{"version_value": "9.0.0.M1 to 9.0.0.M11"}, {"version_value": "8.5.0 to 8.5.6"}, {"version_value": "8.0.0.RC1 to 8.0.38"}, {"version_value": "7.0.0 to 7.0.72"}, {"version_value": "6.0.0 to 6.0.47"}, {"version_value": "Earlier, unsupported versions may also be affected."}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "character validation bypass"}]}]}, "references": {"reference_data": [{"name": "RHSA-2017:0250", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"}, {"name": "41783", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/41783/"}, {"name": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39", "refsource": "CONFIRM", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39"}, {"name": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13", "refsource": "CONFIRM", "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13"}, {"name": "94461", "refsource": "BID", "url": "http://www.securityfocus.com/bid/94461"}, {"name": "DSA-3738", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3738"}, {"name": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73", "refsource": "CONFIRM", "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73"}, {"name": "RHSA-2017:0244", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"name": "RHSA-2017:0935", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0935"}, {"name": "https://security.netapp.com/advisory/ntap-20180607-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180607-0001/"}, {"name": "RHSA-2017:0457", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"}, {"name": "RHSA-2017:0246", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"}, {"name": "1037332", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037332"}, {"name": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8", "refsource": "CONFIRM", "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8"}, {"name": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48", "refsource": "CONFIRM", "url": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48"}, {"name": "RHSA-2017:0455", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0455"}, {"name": "RHSA-2017:0527", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0527.html"}, {"name": "RHSA-2017:0245", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"}, {"name": "RHSA-2017:0456", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:0456"}, {"name": "RHSA-2017:0247", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b@%3Cdev.tomcat.apache.org%3E"}, {"name": "USN-4557-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4557-1/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:43:38.464Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2017:0250", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"}, {"name": "41783", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/41783/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13"}, {"name": "94461", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/94461"}, {"name": "DSA-3738", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2016/dsa-3738"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73"}, {"name": "RHSA-2017:0244", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"name": "RHSA-2017:0935", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:0935"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20180607-0001/"}, {"name": "RHSA-2017:0457", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"}, {"name": "RHSA-2017:0246", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"}, {"name": "1037332", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1037332"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48"}, {"name": "RHSA-2017:0455", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:0455"}, {"name": "RHSA-2017:0527", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0527.html"}, {"name": "RHSA-2017:0245", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"}, {"name": "RHSA-2017:0456", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:0456"}, {"name": "RHSA-2017:0247", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [25/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [23/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [22/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [24/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [21/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [17/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [16/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190413 svn commit: r1857494 [15/20] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [17/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [19/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190415 svn commit: r1857582 [16/22] - in /tomcat/site/trunk: docs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200203 svn commit: r1873527 [23/30] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [27/34] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [26/34] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"}, {"name": "USN-4557-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4557-1/"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2016-6816", "datePublished": "2017-03-20T18:00:00", "dateReserved": "2016-08-12T00:00:00", "dateUpdated": "2024-08-06T01:43:38.464Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "49E3C039-A949-4F1B-892A-57147EECB249", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "F28C7801-41B9-4552-BA1E-577967BCBBEE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "25B21085-7259-4685-9D1F-FF98E6489E10", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "635EE321-2A1F-4FF8-95BE-0C26591969D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "9A81B035-8598-4D2C-B45F-C6C9D4B10C2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "E1096947-82A6-4EA8-A4F2-00D91E3F7DAF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "0EBFA1D3-16A6-4041-BB30-51D2EE0F2AF4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "B70B372F-EFFD-4AF7-99B5-7D1B23A0C54C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "9C95ADA4-66F5-45C4-A677-ACE22367A75A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "11951A10-39A2-4FF5-8C43-DF94730FB794", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "351E5BCF-A56B-4D91-BA3C-21A4B77D529A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "2DC2BBB4-171E-4EFF-A575-A5B7FF031755", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "6B6B0504-27C1-4824-A928-A878CBBAB32D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "CE81AD36-ACD1-4C6C-8E7C-5326D1DA3045", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "D903956B-14F5-4177-AF12-0A5F1846D3C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "81F847DC-A2F5-456C-9038-16A0E85F4C3B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "AF3EBD00-1E1E-452D-AFFB-08A6BD111DDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "C6B93A3A-D487-4CA1-8257-26F8FE287B8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "BD8802B2-57E0-4AA6-BC8E-00DE60468569", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "8461DF95-18DC-4BF5-A703-7F19DA88DC30", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "1F4C9BCF-9C73-4991-B02F-E08C5DA06EBA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "0682A754-5E5E-48D4-836A-16841FD59445", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "3A8F2DFC-6A74-43AB-A813-957A1F7097A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "277332E0-60D9-4318-A068-901F3B037FA9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "2823789C-2CB6-4300-94DB-BDBE83ABA8E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "759588B8-DD36-474E-978B-75638962E743", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "C5416C76-46ED-4CB1-A7F8-F24EA16DE7F9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "A61429EE-4331-430C-9830-58DCCBCBCB58", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.28:*:*:*:*:*:*:*", "matchCriteriaId": "31B3593F-CEDF-423C-90F8-F88EED87DC3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "AE7862B2-E1FA-4E16-92CD-8918AB461D9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "A9E03BE3-60CC-4415-B993-D0BB00F87A30", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "CE92E59A-FF0D-4D1A-8B12-CC41A7E1FD3C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.32:*:*:*:*:*:*:*", "matchCriteriaId": "BFD64FE7-ABAF-49F3-B8D0-91C37C822F4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "48E5E8C3-21AD-4230-B945-AB7DE66307B9", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "2949EC36-0056-43F0-93EC-681EAC22B112", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "4945C8C1-C71B-448B-9075-07C6C92599CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.36:*:*:*:*:*:*:*", "matchCriteriaId": "ED4730B0-2E09-408B-AFD4-FE00F73700FD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.37:*:*:*:*:*:*:*", "matchCriteriaId": "B8DE8A8A-7643-4292-BCC1-758AE0940207", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.38:*:*:*:*:*:*:*", "matchCriteriaId": "3CB6826E-FEBF-4DD7-BED5-1942DFA73BE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.39:*:*:*:*:*:*:*", "matchCriteriaId": "E9B54FCD-CF7C-47E2-8513-40419E47AF49", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.40:*:*:*:*:*:*:*", "matchCriteriaId": "8B9AC2B8-D1AC-48E2-B88E-C7837D4F8A7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.41:*:*:*:*:*:*:*", "matchCriteriaId": "D87EFB6D-B626-469F-907C-40C771A55833", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.42:*:*:*:*:*:*:*", "matchCriteriaId": "38DA4B34-1759-4FC5-82E9-B2223905B9B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.43:*:*:*:*:*:*:*", "matchCriteriaId": "6330B97B-8FC5-4D7E-A960-5D94EDD0C378", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.44:*:*:*:*:*:*:*", "matchCriteriaId": "2A0B2FA4-772E-4B23-8B3F-CC86515E4226", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.45:*:*:*:*:*:*:*", "matchCriteriaId": "0AE27868-CBD2-4EB9-8732-DD4C0E10D6D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.46:*:*:*:*:*:*:*", "matchCriteriaId": "7B1F7611-C424-4B5E-94B3-3B69EABF342E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:6.0.47:*:*:*:*:*:*:*", "matchCriteriaId": "4C132EED-8FCA-4FDA-9FF6-C5FA44E8DA2E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "0F8C62EF-1B67-456A-9C66-755439CF8556", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A819E245-D641-4F19-9139-6C940504F6E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8C381275-10C5-4939-BCE3-0D1F3B3CB2EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "7205475A-6D04-4042-B24E-1DA5A57029B7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "08022987-B36B-4F63-88A5-A8F59195DF4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FF4B7557-EF35-451E-B55D-3296966695AC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "8980E61E-27BE-4858-82B3-C0E8128AF521", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "8756BF9B-3E24-4677-87AE-31CE776541F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "88CE057E-2092-4C98-8D0C-75CF439D0A9C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "8F194580-EE6D-4E38-87F3-F0661262256B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "A9731BAA-4C6C-4259-B786-F577D8A90FA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "1F74A421-D019-4248-84B8-C70D4D9A8A95", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "2BA27FF9-4C66-4E17-95C0-1CB2DAA6AFC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "05346F5A-FB52-4376-AAC7-9A5308216545", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "305688F2-50A6-41FB-8614-BC589DB9A789", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "D24AA431-C436-4AA5-85DF-B9AAFF2548FC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "25966344-15D5-4101-9346-B06BFD2DFFF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "11F4CBAC-27B1-4EFF-955A-A63B457D0578", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "FD55B338-9DBE-4643-ABED-A08964D3AF7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "0D4F710E-06EA-48F4-AC6A-6F143950F015", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "2C4936C2-0B2D-4C44-98C3-443090965F5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "48453405-2319-4327-9F4C-6F70B49452C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "49DD9544-6424-41A6-AEC0-EC19B8A10E71", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "E4670E65-2E11-49A4-B661-57C2F60D411F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "5E8FF71D-4710-4FBB-9925-A6A26C450F7D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "31002A23-4788-4BC7-AE11-A3C2AA31716D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "7144EDDF-8265-4642-8EEB-ED52527E0A26", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "DF06B5C1-B9DD-4673-A101-56E1E593ACDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.28:*:*:*:*:*:*:*", "matchCriteriaId": "7D731065-626B-4425-8E49-F708DD457824", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "B3D850EA-E537-42C8-93B9-96E15CB26747", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "E037DA05-2BEF-4F64-B8BB-307247B6A05C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "BCAF1EB5-FB34-40FC-96ED-9D073890D8BF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.32:*:*:*:*:*:*:*", "matchCriteriaId": "D395D95B-1F4A-420E-A0F6-609360AF7B69", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "9BD221BA-0AB6-4972-8AD9-5D37AC07762F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "E55B6565-96CB-4F6A-9A80-C3FB82F30546", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "D3300AFE-49A4-4904-B9A0-5679F09FA01E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.36:*:*:*:*:*:*:*", "matchCriteriaId": "ED5125CC-05F9-4678-90DB-A5C7CD24AE6F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.37:*:*:*:*:*:*:*", "matchCriteriaId": "7BD93669-1B30-4BF8-AD7D-F60DD8D63CC8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.38:*:*:*:*:*:*:*", "matchCriteriaId": "1B904C74-B92E-4EAE-AE6C-78E2B844C3DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.39:*:*:*:*:*:*:*", "matchCriteriaId": "B8C8C97F-6C9D-4647-AB8A-ADAA5536DDE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.40:*:*:*:*:*:*:*", "matchCriteriaId": "2C6109D1-BC36-40C5-A02A-7AEBC949BAC0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.41:*:*:*:*:*:*:*", "matchCriteriaId": "DA8A7333-B4C3-4876-AE01-62F2FD315504", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.42:*:*:*:*:*:*:*", "matchCriteriaId": "92993E23-D805-407B-8B87-11CEEE8B212F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.43:*:*:*:*:*:*:*", "matchCriteriaId": "7A11BD74-305C-41E2-95B1-5008EEF5FA5F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.44:*:*:*:*:*:*:*", "matchCriteriaId": "595442D0-9DB7-475A-AE30-8535B70E122E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.45:*:*:*:*:*:*:*", "matchCriteriaId": "4B0BA92A-0BD3-4CE4-9465-95E949104BAC", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.46:*:*:*:*:*:*:*", "matchCriteriaId": "6F944B72-B9EB-4EB8-AEA3-E0D7ADBE1305", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.47:*:*:*:*:*:*:*", "matchCriteriaId": "6AA28D3A-3EE5-4F90-B8F5-4943F7607DA6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.48:*:*:*:*:*:*:*", "matchCriteriaId": "BFD3EB84-2ED2-49D4-8BC9-6398C2E46F0A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.49:*:*:*:*:*:*:*", "matchCriteriaId": "DEDF6E1A-0DD6-42AB-9510-F6F4B6002C91", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.50:*:*:*:*:*:*:*", "matchCriteriaId": "C947E549-2459-4AFB-84A7-36BDA30B5F29", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.51:*:*:*:*:*:*:*", "matchCriteriaId": "67A0EA46-5AEA-4D0A-B89E-6560FA10EC08", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.52:*:*:*:*:*:*:*", "matchCriteriaId": "5D55DF79-F9BE-4907-A4D8-96C4B11189ED", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.53:*:*:*:*:*:*:*", "matchCriteriaId": "14AB5787-82D7-4F78-BE93-4556AB7A7D0E", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.54:*:*:*:*:*:*:*", "matchCriteriaId": "F8E9453E-BC9B-4F77-85FA-BA15AC55C245", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.55:*:*:*:*:*:*:*", "matchCriteriaId": "A7EF0518-73F9-47DB-8946-A8334936BEFF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.56:*:*:*:*:*:*:*", "matchCriteriaId": "95AA8778-7833-4572-A71B-5FD89938CE94", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.57:*:*:*:*:*:*:*", "matchCriteriaId": "242E47CE-EF69-4F8F-AB40-5AF2811674CE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.58:*:*:*:*:*:*:*", "matchCriteriaId": "A225D4F7-174E-47C3-8390-C6FA28DB5A9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.59:*:*:*:*:*:*:*", "matchCriteriaId": "CDA1555C-E55A-4E14-B786-BFEE3F09220B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.60:*:*:*:*:*:*:*", "matchCriteriaId": "6BAC42AE-B82A-4ABF-9519-B2D97D925707", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.61:*:*:*:*:*:*:*", "matchCriteriaId": "F8075E9A-DA7F-4A0B-8B4D-0CD951369111", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.62:*:*:*:*:*:*:*", "matchCriteriaId": "335A5320-6086-4B45-9903-82F6F92A584F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.63:*:*:*:*:*:*:*", "matchCriteriaId": "46B33408-C2E2-4E7C-9334-6AB98F13468C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.64:*:*:*:*:*:*:*", "matchCriteriaId": "9F036676-9EFB-4A92-828E-A38905D594E2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.65:*:*:*:*:*:*:*", "matchCriteriaId": "E9728EE8-6029-4DF3-942E-E4ACC09111A3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.66:*:*:*:*:*:*:*", "matchCriteriaId": "62DBB843-288C-4060-8777-6CDCF1860D29", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.67:*:*:*:*:*:*:*", "matchCriteriaId": "34E7DAC8-8419-45D1-A28F-14CF2FE1B6EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.68:*:*:*:*:*:*:*", "matchCriteriaId": "89B87EB5-4902-4C2A-878A-45185F7D0FA1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.69:*:*:*:*:*:*:*", "matchCriteriaId": "C0596E6C-9ACE-4106-A2FF-BED7967C323F", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.70:*:*:*:*:*:*:*", "matchCriteriaId": "8F7158DC-966B-4508-8600-40E3E9D3D0DF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.71:*:*:*:*:*:*:*", "matchCriteriaId": "A190FE0D-86C1-49EE-BDAE-5879C32BDC92", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:7.0.72:*:*:*:*:*:*:*", "matchCriteriaId": "CA20F45F-01A2-43DD-9731-DFF54E31719F", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:8.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "67E42327-8AEA-4B92-BA5F-AF94430B3BBF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "2A358FDF-C249-4D7A-9445-8B9E7D9D40AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8C4DB619-F6B0-4896-9AE2-7E7D92105577", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "AFF96F96-34DB-4EB3-BF59-11220673FA26", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "44883383-6360-4BE6-9B48-1308F85E5797", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "EDF3E379-47D2-4C86-8C6D-8B3C25A0E1C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "E82391BD-10FF-4E7F-91DC-35AA11325530", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "92C22F12-C072-4A12-A4A9-CBF589A36FF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "61E008F8-2F01-4DD8-853A-337B4B4163C6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "6A776B25-6AF1-421B-8E47-2A7499F6B4D2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "7A332FDE-42AE-4F48-9553-5AE953CD6D3A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "701424A2-BB06-44B5-B468-7164E4F95529", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.12:*:*:*:*:*:*:*", "matchCriteriaId": "1BA6388C-5B6E-4651-8AE3-EBCCF61C27E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "A63FA521-9D20-49B9-A9A4-0DF891B4E4E6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.14:*:*:*:*:*:*:*", "matchCriteriaId": "8F9A5B7E-33A9-4651-9BE1-371A0064B661", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.15:*:*:*:*:*:*:*", "matchCriteriaId": "F99252E8-A59C-48E1-B251-718D7FB3E399", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "9D05293B-B9D8-42F1-9367-9D2E058EFAD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.17:*:*:*:*:*:*:*", "matchCriteriaId": "4E0DDEF6-A8EE-46C4-A046-A1F26E7C4E87", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.18:*:*:*:*:*:*:*", "matchCriteriaId": "14B38892-9C00-4510-B7BA-F2A8F2CACCAE", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "8C913AA6-2260-4249-BE1D-7139F45735D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "7409B064-D43E-489E-AEC6-0A767FB21737", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.21:*:*:*:*:*:*:*", "matchCriteriaId": "F019268F-80C4-48FE-8164-E9DA0A3BAFF6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.22:*:*:*:*:*:*:*", "matchCriteriaId": "1EFBD214-FCFE-4F04-A903-66EFDA764B9A", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.23:*:*:*:*:*:*:*", "matchCriteriaId": "425D86B3-6BB9-410D-8125-F7CF87290AD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "3EE3BB0D-1002-41E4-9BE8-875D97330057", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "25D0E80B-EDDA-4876-912D-44BFE6211EB0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.26:*:*:*:*:*:*:*", "matchCriteriaId": "6622472B-8644-4D45-A54B-A215C3D64B83", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.27:*:*:*:*:*:*:*", "matchCriteriaId": "B338F95B-2924-435B-827F-E64420A93244", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.28:*:*:*:*:*:*:*", "matchCriteriaId": "209D1349-7740-4DBE-80A5-E6343C62BAB5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.29:*:*:*:*:*:*:*", "matchCriteriaId": "09E77C24-C265-403D-A193-B3739713F6B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.30:*:*:*:*:*:*:*", "matchCriteriaId": "28616FA3-9A98-4AAE-9F94-3E77A14156EA", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.31:*:*:*:*:*:*:*", "matchCriteriaId": "335925DA-11C0-4222-B6B7-82602B361751", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.32:*:*:*:*:*:*:*", "matchCriteriaId": "603A14BF-72BB-4A3D-8CBC-932DC45CEC06", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.33:*:*:*:*:*:*:*", "matchCriteriaId": "4C2E1C55-3C89-4F26-A981-1195BCC9BB5C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.34:*:*:*:*:*:*:*", "matchCriteriaId": "FC242407-A447-4ABD-8E19-EB6DB1F35121", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.35:*:*:*:*:*:*:*", "matchCriteriaId": "31BB906B-812F-462C-9AEE-147C1418D865", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.36:*:*:*:*:*:*:*", "matchCriteriaId": "0B701E17-D231-44ED-A46E-C67749A725B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.37:*:*:*:*:*:*:*", "matchCriteriaId": "B8CAF2F7-D227-4F06-B0E6-533C5EDB105B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.0.38:*:*:*:*:*:*:*", "matchCriteriaId": "305B73CE-0224-4E73-8EB2-FC41A62FBA08", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "69A7FC28-A0EC-4516-9776-700343D2F4DB", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "18814653-6D44-47D9-A2F5-89C5AFB255F8", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.5.2:*:*:*:*:*:*:*", "matchCriteriaId": "D4D811A9-4988-4C11-AA27-F5BE2B93D8D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.5.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAEF824D-7E95-4BC1-8DBB-787DCE595E21", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.5.4:*:*:*:*:*:*:*", "matchCriteriaId": "97F4A2B3-DB1D-4D0B-B5FF-7EE2A0D291BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.5.5:*:*:*:*:*:*:*", "matchCriteriaId": "0B461D5A-1208-498F-B551-46C6D514AC2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:8.5.6:*:*:*:*:*:*:*", "matchCriteriaId": "598E5D91-0165-4D55-9EDD-EBB5AAAD1172", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone1:*:*:*:*:*:*", "matchCriteriaId": "9D0689FE-4BC0-4F53-8C79-34B21F9B86C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone10:*:*:*:*:*:*", "matchCriteriaId": "89B129B2-FB6F-4EF9-BF12-E589A87996CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone11:*:*:*:*:*:*", "matchCriteriaId": "8B6787B6-54A8-475E-BA1C-AB99334B2535", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone2:*:*:*:*:*:*", "matchCriteriaId": "9F542E12-6BA8-4504-A494-DA83E7E19BD5", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone3:*:*:*:*:*:*", "matchCriteriaId": "C0C5F004-F7D8-45DB-B173-351C50B0EC16", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone4:*:*:*:*:*:*", "matchCriteriaId": "D1902D2E-1896-4D3D-9E1C-3A675255072C", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone5:*:*:*:*:*:*", "matchCriteriaId": "49AAF4DF-F61D-47A8-8788-A21E317A145D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone6:*:*:*:*:*:*", "matchCriteriaId": "454211D0-60A2-4661-AECA-4C0121413FEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone7:*:*:*:*:*:*", "matchCriteriaId": "0686F977-889F-4960-8E0B-7784B73A7F2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone8:*:*:*:*:*:*", "matchCriteriaId": "558703AE-DB5E-4DFF-B497-C36694DD7B24", "vulnerable": true}, {"criteria": "cpe:2.3:a:apache:tomcat:9.0.0:milestone9:*:*:*:*:*:*", "matchCriteriaId": "ED6273F2-1165-47A4-8DD7-9E9B2472941B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own."}, {"lang": "es", "value": "El c\u00f3digo en Apache Tomcat 9.0.0.M1 a 9.0.0.M11, 8.5.0 a 8.5.6, 8.0.0.RC1 a 8.0.38, 7.0.0 a 7.0.72 y 6.0.0 a 6.0.47 que analiz\u00f3 la l\u00ednea de solicitud HTTP permiti\u00f3 caracteres no v\u00e1lidos. Esto podr\u00eda ser explotado, junto con un proxy que tambi\u00e9n permiti\u00f3 los caracteres no v\u00e1lidos, pero con una interpretaci\u00f3n diferente, para inyectar datos en la respuesta HTTP. Mediante la manipulaci\u00f3n de la respuesta HTTP, el atacante podr\u00eda envenenar una cach\u00e9 web, realizar un ataque XSS y/u obtener informaci\u00f3n sensible de otras solicitudes que no sean las suyas."}], "id": "CVE-2016-6816", "lastModified": "2023-12-08T16:41:18.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-03-20T18:59:00.173", "references": [{"source": "security@apache.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0244.html"}, {"source": "security@apache.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0245.html"}, {"source": "security@apache.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0246.html"}, {"source": "security@apache.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0247.html"}, {"source": "security@apache.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0250.html"}, {"source": "security@apache.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0457.html"}, {"source": "security@apache.org", "url": "http://rhn.redhat.com/errata/RHSA-2017-0527.html"}, {"source": "security@apache.org", "url": "http://www.debian.org/security/2016/dsa-3738"}, {"source": "security@apache.org", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94461"}, {"source": "security@apache.org", "url": "http://www.securitytracker.com/id/1037332"}, {"source": "security@apache.org", "url": "https://access.redhat.com/errata/RHSA-2017:0455"}, {"source": "security@apache.org", "url": "https://access.redhat.com/errata/RHSA-2017:0456"}, {"source": "security@apache.org", "url": "https://access.redhat.com/errata/RHSA-2017:0935"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/37220405a377c0182d2afdbc36461c4783b2930fbeae3a17f1333113%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/39ae1f0bd5867c15755a6f959b271ade1aea04ccdc3b2e639dcd903b%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/b84ad1258a89de5c9c853c7f2d3ad77e5b8b2930be9e132d5cef6b95%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/b8a1bf18155b552dcf9a928ba808cbadad84c236d85eab3033662cfb%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r03c597a64de790ba42c167efacfa23300c3d6c9fe589ab87fe02859c%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r587e50b86c1a96ee301f751d50294072d142fd6dc08a8987ae9f3a9b%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E"}, {"source": "security@apache.org", "url": "https://security.netapp.com/advisory/ntap-20180607-0001/"}, {"source": "security@apache.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48"}, {"source": "security@apache.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73"}, {"source": "security@apache.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39"}, {"source": "security@apache.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8"}, {"source": "security@apache.org", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://tomcat.apache.org/security-9.html#Fixed_in_Apache_Tomcat_9.0.0.M13"}, {"source": "security@apache.org", "url": "https://usn.ubuntu.com/4557-1/"}, {"source": "security@apache.org", "url": "https://www.exploit-db.com/exploits/41783/"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2017:0527", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "tomcat6-0:6.0.24-105.el6_8", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2017-03-15T00:00:00Z"}, {"advisory": "RHSA-2017:0935", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "tomcat-0:7.0.69-11.el7_3", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-04-12T00:00:00Z"}, {"advisory": "RHSA-2017:0247", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "apache-cxf-0:2.7.18-5.SP4_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hornetq-0:2.3.25-18.SP16_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "infinispan-0:5.2.20-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-appclient-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-appclient-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-bundles-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cli-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-client-all-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-clustering-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cmp-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-configadmin-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-connector-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-console-0:2.5.15-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-client-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-core-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-core-security-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-repository-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-scanner-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-domain-0:7.5.13-5.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-http-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-management-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-deployment-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ejb3-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-embedded-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-host-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jacorb-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-javadocs-0:7.5.13-3.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxr-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxrs-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jdr-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jmx-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jpa-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsf-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsr77-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-logging-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-mail-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-management-client-content-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-messaging-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-modcluster-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-modules-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-naming-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-network-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-configadmin-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-service-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-picketlink-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-platform-mbean-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-pojo-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-process-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-product-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-protocol-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-remoting-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-sar-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-security-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-server-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-standalone-0:7.5.13-5.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-system-jmx-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-threads-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-transactions-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-version-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-web-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-webservices-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-welcome-content-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-weld-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-xts-0:7.5.13-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-ejb-client-0:1.0.38-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-hal-0:2.5.15-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossweb-0:7.5.20-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0246", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "resteasy-0:2.3.16-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "apache-cxf-0:2.7.18-5.SP4_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hornetq-0:2.3.25-18.SP16_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "infinispan-0:5.2.20-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-appclient-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-appclient-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-bundles-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cli-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-client-all-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-clustering-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cmp-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-configadmin-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-connector-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-console-0:2.5.15-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-client-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-core-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-core-security-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-repository-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-scanner-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-domain-0:7.5.13-5.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-http-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-management-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-deployment-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ejb3-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-embedded-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-host-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jacorb-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-javadocs-0:7.5.13-3.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxr-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxrs-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jdr-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jmx-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jpa-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsf-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsr77-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-logging-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-mail-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-management-client-content-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-messaging-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-modcluster-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-modules-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-naming-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-network-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-configadmin-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-service-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-picketlink-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-platform-mbean-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-pojo-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-process-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-product-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-protocol-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-remoting-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-sar-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-security-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-server-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-standalone-0:7.5.13-5.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-system-jmx-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-threads-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-transactions-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-version-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-web-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-webservices-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-welcome-content-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-weld-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-xts-0:7.5.13-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-ejb-client-0:1.0.38-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-hal-0:2.5.15-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossweb-0:7.5.20-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0244", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "resteasy-0:2.3.16-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0250", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-ec2-eap-0:7.5.13-1.Final_redhat_2.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "apache-cxf-0:2.7.18-5.SP4_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hornetq-0:2.3.25-18.SP16_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "infinispan-0:5.2.20-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-appclient-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-appclient-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-bundles-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cli-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-client-all-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-clustering-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cmp-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-configadmin-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-connector-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-console-0:2.5.15-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-client-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-core-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-core-security-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-repository-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-scanner-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-domain-0:7.5.13-5.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-http-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-management-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-deployment-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ejb3-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-embedded-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-host-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jacorb-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-javadocs-0:7.5.13-3.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxr-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxrs-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jdr-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jmx-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jpa-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsf-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsr77-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-logging-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-mail-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-management-client-content-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-messaging-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-modcluster-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-modules-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-naming-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-network-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-configadmin-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-service-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-picketlink-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-platform-mbean-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-pojo-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-process-controller-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-product-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-protocol-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-remoting-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-sar-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-security-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-server-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-standalone-0:7.5.13-5.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-system-jmx-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-threads-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-transactions-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-version-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-web-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-webservices-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-welcome-content-eap-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-weld-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-xts-0:7.5.13-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-ejb-client-0:1.0.38-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-hal-0:2.5.15-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossweb-0:7.5.20-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0245", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "resteasy-0:2.3.16-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-02-02T00:00:00Z"}, {"advisory": "RHSA-2017:0457", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1", "product_name": "Red Hat JBoss Web Server 3.1", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "hibernate4-eap6-0:4.2.23-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "jbcs-httpd24-0:1-3.jbcs.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "jbcs-httpd24-apache-commons-daemon-0:1.0.15-1.redhat_2.1.jbcs.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.0.15-17.redhat_2.jbcs.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "mod_cluster-0:1.3.5-2.Final_redhat_2.1.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat7-0:7.0.70-16.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat8-0:8.0.36-17.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat-native-0:1.2.8-9.redhat_9.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0455", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat-vault-0:1.0.8-9.Final_redhat_2.1.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "hibernate4-eap6-0:4.2.23-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "jbcs-httpd24-0:1-3.jbcs.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "jbcs-httpd24-apache-commons-daemon-0:1.0.15-1.redhat_2.1.jbcs.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "jbcs-httpd24-apache-commons-daemon-jsvc-1:1.0.15-17.redhat_2.jbcs.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "mod_cluster-0:1.3.5-2.Final_redhat_2.1.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat7-0:7.0.70-16.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat8-0:8.0.36-17.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat-native-0:1.2.8-9.redhat_9.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}, {"advisory": "RHSA-2017:0456", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat-vault-0:1.0.8-9.Final_redhat_2.1.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-03-07T00:00:00Z"}], "bugzilla": {"description": "tomcat: HTTP Request smuggling vulnerability due to permitting invalid character in HTTP requests", "id": "1397484", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1397484"}, "csaw": false, "cvss": {"cvss_base_score": "5.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "status": "verified"}, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-444", "details": ["The code in Apache Tomcat 9.0.0.M1 to 9.0.0.M11, 8.5.0 to 8.5.6, 8.0.0.RC1 to 8.0.38, 7.0.0 to 7.0.72, and 6.0.0 to 6.0.47 that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack and/or obtain sensitive information from requests other then their own.", "It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other then their own."], "name": "CVE-2016-6816", "package_state": [{"cpe": "cpe:/a:redhat:developer_toolset:3.1", "fix_state": "Not affected", "package_name": "devtoolset-3-tomcat", "product_name": "Red Hat Developer Toolset 3.1"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "tomcat5", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:6", "fix_state": "Will not fix", "package_name": "jbossweb", "product_name": "Red Hat JBoss Data Grid 6"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Will not fix", "package_name": "jbossweb", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "fix_state": "Will not fix", "package_name": "jbossweb", "product_name": "Red Hat JBoss Enterprise Application Platform 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2", "fix_state": "Affected", "package_name": "tomcat6", "product_name": "Red Hat JBoss Enterprise Web Server 2"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2", "fix_state": "Affected", "package_name": "tomcat7", "product_name": "Red Hat JBoss Enterprise Web Server 2"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3", "fix_state": "Fix deferred", "package_name": "tomcat7", "product_name": "Red Hat JBoss Enterprise Web Server 3"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Under investigation", "package_name": "jbossweb", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Will not fix", "package_name": "Core Server", "product_name": "Red Hat JBoss Operations Network 3"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_portal_platform:6", "fix_state": "Will not fix", "package_name": "jbossweb", "product_name": "Red Hat JBoss Portal 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3", "fix_state": "Affected", "package_name": "tomcat8", "product_name": "Red Hat JBoss Web Server 3"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Not affected", "package_name": "rh-java-common-tomcat", "product_name": "Red Hat Software Collections"}], "public_date": "2016-11-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2016-6816\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-6816\nhttps://access.redhat.com/articles/2991951\nhttps://access.redhat.com/solutions/2891171\nhttps://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.48\nhttps://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.73\nhttps://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.0.39\nhttps://tomcat.apache.org/security-8.html#Fixed_in_Apache_Tomcat_8.5.8"], "statement": "Applying the fix provided to mitigate this issue may cause Tomcat to return 400 status after updating. For more information, refer to https://access.redhat.com/solutions/2891171", "threat_severity": "Moderate", "upstream_fix": "tomcat 6.0.48, tomcat 7.0.73, tomcat 8.0.39, tomcat 8.5.8"}