{"containers": {"cna": {"affected": [{"product": "undertow", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-09-14T00:00:00", "descriptions": [{"lang": "en", "value": "An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "description": "CWE-200", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2019-05-09T20:06:05", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14642"}, {"name": "RHSA-2019:0364", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0364"}, {"name": "RHSA-2019:0362", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0362"}, {"name": "RHSA-2019:0365", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0365"}, {"name": "RHSA-2019:0380", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0380"}, {"name": "RHSA-2019:1107", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1107"}, {"name": "RHSA-2019:1108", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1108"}, {"name": "RHSA-2019:1106", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1106"}, {"name": "RHSA-2019:1140", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1140"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T09:38:12.577Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14642"}, {"name": "RHSA-2019:0364", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0364"}, {"name": "RHSA-2019:0362", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0362"}, {"name": "RHSA-2019:0365", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0365"}, {"name": "RHSA-2019:0380", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0380"}, {"name": "RHSA-2019:1107", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1107"}, {"name": "RHSA-2019:1108", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1108"}, {"name": "RHSA-2019:1106", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1106"}, {"name": "RHSA-2019:1140", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1140"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2018-14642", "datePublished": "2018-09-18T13:00:00", "dateReserved": "2018-07-27T00:00:00", "dateUpdated": "2024-08-05T09:38:12.577Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:undertow:-:*:*:*:*:*:*:*", "matchCriteriaId": "8190B427-8350-43AE-8F54-6A40B701C95E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": false}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "7117F117-D439-45EB-BB95-397E5E52C9BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "0C3AA5CE-9ACB-4E96-A4C1-50A662D641FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B4911A72-5FAE-47C5-A141-2E3CA8E1CCAB", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad de fuga de informaci\u00f3n en Undertow. Si no est\u00e1n escritas todas las cabeceras en la primera llamada write(), el c\u00f3digo que maneja las escrituras al b\u00fafer siempre escribir\u00e1 el contenido completo del b\u00fafer writevBuffer, que podr\u00eda contener datos de peticiones anteriores."}], "id": "CVE-2018-14642", "lastModified": "2020-12-08T15:50:19.710", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-18T13:29:00.970", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0362"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0364"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0365"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0380"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1106"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1107"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1108"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1140"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14642"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-200"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2019:1106", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2", "product_name": "Red Hat JBoss EAP 7.2", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-activemq-artemis-0:1.5.5.015-1.redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-apache-cxf-0:3.1.16-2.redhat_2.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-dom4j-0:2.1.1-1.redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-hibernate-0:5.1.17-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-ironjacamar-0:1.4.12-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jackson-databind-0:2.8.11.3-1.redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jandex-0:2.0.5-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jberet-0:1.2.7-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-ejb-client-0:4.0.12-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-el-api_3.0_spec-0:1.0.13-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-logmanager-0:2.0.11-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-modules-0:1.6.7-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-security-negotiation-0:3.0.5-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jbossws-common-0:3.1.7-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-narayana-0:5.5.34-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-picketlink-bindings-0:2.5.5-15.SP12_redhat_3.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-picketlink-federation-0:2.5.5-15.SP12_redhat_3.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-undertow-0:1.4.18-10.SP11_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-undertow-jastow-0:2.0.7-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-0:7.1.6-4.GA_redhat_00002.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-common-0:1.2.1-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-elytron-0:1.1.12-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-elytron-tool-0:1.0.9-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-javadocs-0:7.1.6-2.GA_redhat_00002.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0364", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-web-console-eap-0:2.9.19-1.Final_redhat_00001.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-activemq-artemis-0:1.5.5.015-1.redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-apache-cxf-0:3.1.16-2.redhat_2.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-dom4j-0:2.1.1-1.redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-hibernate-0:5.1.17-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-ironjacamar-0:1.4.12-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jackson-databind-0:2.8.11.3-1.redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jandex-0:2.0.5-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jberet-0:1.2.7-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jboss-ejb-client-0:4.0.12-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jboss-el-api_3.0_spec-0:1.0.13-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jboss-logmanager-0:2.0.11-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jboss-modules-0:1.6.7-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jboss-security-negotiation-0:3.0.5-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-jbossws-common-0:3.1.7-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-narayana-0:5.5.34-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-picketlink-bindings-0:2.5.5-15.SP12_redhat_3.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-picketlink-federation-0:2.5.5-15.SP12_redhat_3.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-undertow-0:1.4.18-10.SP11_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-undertow-jastow-0:2.0.7-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-wildfly-0:7.1.6-4.GA_redhat_00002.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-wildfly-common-0:1.2.1-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-wildfly-elytron-0:1.1.12-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-wildfly-elytron-tool-0:1.0.9-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-wildfly-javadocs-0:7.1.6-2.GA_redhat_00002.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:0365", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7", "package": "eap7-wildfly-web-console-eap-0:2.9.19-1.Final_redhat_00001.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7", "release_date": "2019-02-18T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1107", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:1108", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2019-05-08T00:00:00Z"}, {"advisory": "RHSA-2019:0380", "cpe": "cpe:/a:redhat:jboss_single_sign_on:7.2", "package": "undertow", "product_name": "Red Hat Single Sign-On 7.2.6 zip", "release_date": "2019-02-19T00:00:00Z"}, {"advisory": "RHSA-2019:1140", "cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3", "product_name": "Red Hat Single Sign-On 7.3.1 zip", "release_date": "2019-05-09T00:00:00Z"}, {"advisory": "RHEA-2019:1119", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "rhvm-appliance-0:4.3-20190502.0.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2019-05-08T00:00:00Z"}], "bugzilla": {"description": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer", "id": "1628702", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-200", "details": ["An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests."], "name": "CVE-2018-14642", "package_state": [{"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "undertow", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "undertow", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "jbossweb", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "undertow", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:fuse_integration_services:2", "fix_state": "Out of support scope", "package_name": "undertow", "product_name": "Red Hat JBoss Fuse Integration Service 2"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Affected", "package_name": "undertow", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "undertow", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2018-09-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-14642\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-14642"], "threat_severity": "Moderate"}