CVE-2019-12423 - Vulnerability Details

- cxf: OpenId Connect token service does not properly validate the clientId

Description

Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all.

Published: 2020-01-16

Score: 7.5 High

EPSS: 1.2% Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Apache

CXF

affected

Version	Status	Constraints
`All versions of Apache CXF prior to 3.3.5 and 3.2.12.`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:apache:cxf::::::::
	cpe:2.3:a:apache:cxf::::::::

Configuration 2 [-]

OR	cpe:2.3:a:oracle:commerce_guided_search:11.3.2:::::::*
	cpe:2.3:a:oracle:communications_diameter_signaling_router::::::::
	cpe:2.3:a:oracle:communications_element_manager::::::::
	cpe:2.3:a:oracle:communications_session_report_manager::::::::
	cpe:2.3:a:oracle:communications_session_route_manager:8.1.1:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.2.0:::::::*
	cpe:2.3:a:oracle:communications_session_route_manager:8.2.1:::::::*
	cpe:2.3:a:oracle:flexcube_private_banking:12.0.0:::::::*
	cpe:2.3:a:oracle:flexcube_private_banking:12.1.0:::::::*
	cpe:2.3:a:oracle:retail_order_broker:15.0:::::::*

Package	CPE	Advisory	Released Date
EAP-CD 19 Tech Preview
cxf-core	cpe:/a:redhat:jboss_enterprise_application_platform_cd:19	RHSA-2020:2333	2020-05-28T00:00:00Z
Red Hat Decision Manager 7
cxf-core	cpe:/a:redhat:jboss_enterprise_brms_platform:7.8	RHSA-2020:3196	2020-07-29T00:00:00Z
Red Hat Fuse 7.8.0
cxf-core	cpe:/a:redhat:jboss_fuse:7	RHSA-2020:5568	2020-12-16T00:00:00Z
Red Hat JBoss EAP 7
cxf-core	cpe:/a:redhat:jboss_enterprise_application_platform:7	RHSA-2020:2515	2020-06-10T00:00:00Z
Red Hat JBoss EAP 7.2
cxf-core	cpe:/a:redhat:jboss_enterprise_application_platform:7.2	RHSA-2020:2061	2020-05-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6
eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-apache-cxf-0:3.2.12-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-glassfish-el-0:3.0.1-5.b08_redhat_00004.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-glassfish-javamail-0:1.6.2-2.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-10.SP3_redhat_00008.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-hal-console-0:3.0.21-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-hibernate-commons-annotations-0:5.0.5-1.Final_redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-hibernate-search-0:5.10.7-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-httpcomponents-client-0:4.5.4-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-httpcomponents-core-0:4.4.5-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jackson-databind-0:2.9.10.2-2.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jasypt-0:1.9.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-javaee-security-soteria-0:1.0.0-3.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jaxbintros-0:1.0.3-1.GA_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-batch-api_1.0_spec-0:1.0.2-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-classfilewriter-0:1.2.4-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-common-beans-0:2.0.1-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-ejb-api_3.2_spec-0:1.0.2-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-invocation-0:1.5.2-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-jsf-api_2.3_spec-0:2.3.5-5.SP2_redhat_00003.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-modules-0:1.8.9-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-openjdk-orb-0:8.1.4-3.Final_redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-security-negotiation-0:3.0.6-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-10.Final_redhat_00011.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-threads-0:2.3.3-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jboss-websocket-api_1.1_spec-0:1.1.4-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jbossws-common-0:3.2.3-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jgroups-0:4.0.20-2.Final_redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jgroups-azure-0:1.2.1-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-jgroups-kubernetes-0:1.0.13-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-mod_cluster-0:1.4.1-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-narayana-0:5.9.8-1.Final_redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-opensaml-0:3.3.1-1.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-resteasy-0:3.6.1-9.SP8_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-smallrye-config-0:1.3.6-1.SP01_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-smallrye-health-0:1.0.2-2.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-undertow-0:2.0.30-2.SP2_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-weld-cdi-2.0-api-0:2.0.0-4.SP1_redhat_00004.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-wildfly-0:7.2.8-3.GA_redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-wildfly-elytron-0:1.6.6-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.10-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-ws-commons-XmlSchema-0:2.2.4-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
eap7-wss4j-0:2.2.5-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6	RHSA-2020:2058	2020-05-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7
eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-apache-cxf-0:3.2.12-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-glassfish-el-0:3.0.1-5.b08_redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-glassfish-javamail-0:1.6.2-2.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-10.SP3_redhat_00008.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-hal-console-0:3.0.21-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-hibernate-commons-annotations-0:5.0.5-1.Final_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-hibernate-search-0:5.10.7-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-httpcomponents-client-0:4.5.4-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-httpcomponents-core-0:4.4.5-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jackson-databind-0:2.9.10.2-2.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jasypt-0:1.9.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-javaee-security-soteria-0:1.0.0-3.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jaxbintros-0:1.0.3-1.GA_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-batch-api_1.0_spec-0:1.0.2-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-classfilewriter-0:1.2.4-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-common-beans-0:2.0.1-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-ejb-api_3.2_spec-0:1.0.2-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-invocation-0:1.5.2-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-jsf-api_2.3_spec-0:2.3.5-5.SP2_redhat_00003.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-modules-0:1.8.9-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-openjdk-orb-0:8.1.4-3.Final_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-security-negotiation-0:3.0.6-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-10.Final_redhat_00011.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-threads-0:2.3.3-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jboss-websocket-api_1.1_spec-0:1.1.4-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jbossws-common-0:3.2.3-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jgroups-0:4.0.20-2.Final_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jgroups-azure-0:1.2.1-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-jgroups-kubernetes-0:1.0.13-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-mod_cluster-0:1.4.1-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-narayana-0:5.9.8-1.Final_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-opensaml-0:3.3.1-1.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-resteasy-0:3.6.1-9.SP8_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-smallrye-config-0:1.3.6-1.SP01_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-smallrye-health-0:1.0.2-2.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-undertow-0:2.0.30-2.SP2_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-weld-cdi-2.0-api-0:2.0.0-4.SP1_redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-wildfly-0:7.2.8-3.GA_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-wildfly-elytron-0:1.6.6-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.10-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-ws-commons-XmlSchema-0:2.2.4-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
eap7-wss4j-0:2.2.5-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7	RHSA-2020:2059	2020-05-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8
eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-apache-cxf-0:3.2.12-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-glassfish-el-0:3.0.1-5.b08_redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-glassfish-javamail-0:1.6.2-2.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-glassfish-jsf-0:2.3.5-10.SP3_redhat_00008.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-hal-console-0:3.0.21-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-hibernate-commons-annotations-0:5.0.5-1.Final_redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-hibernate-search-0:5.10.7-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-httpcomponents-client-0:4.5.4-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-httpcomponents-core-0:4.4.5-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jackson-databind-0:2.9.10.2-2.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jasypt-0:1.9.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-javaee-security-soteria-0:1.0.0-3.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jaxbintros-0:1.0.3-1.GA_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-batch-api_1.0_spec-0:1.0.2-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-classfilewriter-0:1.2.4-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-common-beans-0:2.0.1-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-ejb-api_3.2_spec-0:1.0.2-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-invocation-0:1.5.2-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-jsf-api_2.3_spec-0:2.3.5-5.SP2_redhat_00003.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-modules-0:1.8.9-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-openjdk-orb-0:8.1.4-3.Final_redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-security-negotiation-0:3.0.6-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-server-migration-0:1.3.1-10.Final_redhat_00011.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-threads-0:2.3.3-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jboss-websocket-api_1.1_spec-0:1.1.4-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jbossws-common-0:3.2.3-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jgroups-0:4.0.20-2.Final_redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jgroups-azure-0:1.2.1-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-jgroups-kubernetes-0:1.0.13-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-mod_cluster-0:1.4.1-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-narayana-0:5.9.8-1.Final_redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-opensaml-0:3.3.1-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-resteasy-0:3.6.1-9.SP8_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-smallrye-config-0:1.3.6-1.SP01_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-smallrye-health-0:1.0.2-2.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-undertow-0:2.0.30-2.SP2_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-weld-cdi-2.0-api-0:2.0.0-4.SP1_redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-wildfly-0:7.2.8-3.GA_redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-wildfly-elytron-0:1.6.6-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.10-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-ws-commons-XmlSchema-0:2.2.4-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
eap7-wss4j-0:2.2.5-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8	RHSA-2020:2060	2020-05-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 6
eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-apache-cxf-0:3.3.5-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-elytron-web-0:1.6.1-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-glassfish-jsf-0:2.3.9-10.SP09_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-hal-console-0:3.2.8-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-hibernate-0:5.3.16-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-infinispan-0:9.4.18-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jackson-annotations-0:2.10.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jackson-core-0:2.10.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jackson-databind-0:2.10.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.10.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jackson-modules-base-0:2.10.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jackson-modules-java8-0:2.10.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jaegertracing-jaeger-client-java-0:0.34.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jakarta-el-0:3.0.3-1.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jandex-0:2.1.2-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jasypt-0:1.9.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-genericjms-0:2.0.4-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-jsf-api_2.3_spec-0:3.0.0-3.SP02_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-modules-0:1.10.0-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-server-migration-0:1.7.1-5.Final_redhat_00006.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-vfs-0:3.2.15-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-jboss-weld-3.1-api-0:3.1.0-6.SP2_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-microprofile-config-0:1.4.0-1.redhat_00003.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-microprofile-health-0:2.2.0-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-microprofile-metrics-0:2.3.0-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-microprofile-opentracing-0:1.3.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-microprofile-rest-client-0:1.4.0-1.redhat_00004.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-opensaml-0:3.3.1-1.redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-resteasy-0:3.11.2-3.Final_redhat_00002.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-smallrye-config-0:1.6.2-3.redhat_00004.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-smallrye-health-0:2.2.0-1.redhat_00004.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-smallrye-metrics-0:2.4.0-1.redhat_00004.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-smallrye-opentracing-0:1.3.4-1.redhat_00004.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-snakeyaml-0:1.24.0-2.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-undertow-0:2.0.30-3.SP3_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-weld-core-0:3.1.4-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-wildfly-0:7.3.1-5.GA_redhat_00003.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-wildfly-elytron-0:1.10.6-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
eap7-wss4j-0:2.2.5-1.redhat_00001.1.el6eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el6	RHSA-2020:2511	2020-06-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 7
eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-apache-cxf-0:3.3.5-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-elytron-web-0:1.6.1-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-glassfish-jsf-0:2.3.9-10.SP09_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-hal-console-0:3.2.8-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-hibernate-0:5.3.16-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-infinispan-0:9.4.18-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jackson-annotations-0:2.10.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jackson-core-0:2.10.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jackson-databind-0:2.10.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.10.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jackson-modules-base-0:2.10.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jackson-modules-java8-0:2.10.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jaegertracing-jaeger-client-java-0:0.34.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jakarta-el-0:3.0.3-1.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jandex-0:2.1.2-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jasypt-0:1.9.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-genericjms-0:2.0.4-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-jsf-api_2.3_spec-0:3.0.0-3.SP02_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-modules-0:1.10.0-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-server-migration-0:1.7.1-5.Final_redhat_00006.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-vfs-0:3.2.15-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-jboss-weld-3.1-api-0:3.1.0-6.SP2_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-microprofile-config-0:1.4.0-1.redhat_00003.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-microprofile-health-0:2.2.0-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-microprofile-metrics-0:2.3.0-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-microprofile-opentracing-0:1.3.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-microprofile-rest-client-0:1.4.0-1.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-opensaml-0:3.3.1-1.redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-resteasy-0:3.11.2-3.Final_redhat_00002.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-smallrye-config-0:1.6.2-3.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-smallrye-health-0:2.2.0-1.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-smallrye-metrics-0:2.4.0-1.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-smallrye-opentracing-0:1.3.4-1.redhat_00004.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-snakeyaml-0:1.24.0-2.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-undertow-0:2.0.30-3.SP3_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-weld-core-0:3.1.4-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-wildfly-0:7.3.1-5.GA_redhat_00003.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-wildfly-elytron-0:1.10.6-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
eap7-wss4j-0:2.2.5-1.redhat_00001.1.el7eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el7	RHSA-2020:2512	2020-06-11T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.3 for RHEL 8
eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-apache-cxf-0:3.3.5-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-elytron-web-0:1.6.1-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-glassfish-jaxb-0:2.3.3-4.b02_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-glassfish-jsf-0:2.3.9-10.SP09_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-hal-console-0:3.2.8-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-hibernate-0:5.3.16-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-infinispan-0:9.4.18-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-ironjacamar-0:1.4.20-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jackson-annotations-0:2.10.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jackson-core-0:2.10.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jackson-databind-0:2.10.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.10.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jackson-modules-base-0:2.10.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jackson-modules-java8-0:2.10.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jaegertracing-jaeger-client-java-0:0.34.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jakarta-el-0:3.0.3-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jandex-0:2.1.2-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jasypt-0:1.9.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-genericjms-0:2.0.4-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-jsf-api_2.3_spec-0:3.0.0-3.SP02_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-modules-0:1.10.0-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-server-migration-0:1.7.1-5.Final_redhat_00006.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-vfs-0:3.2.15-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-jboss-weld-3.1-api-0:3.1.0-6.SP2_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-microprofile-config-0:1.4.0-1.redhat_00003.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-microprofile-health-0:2.2.0-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-microprofile-metrics-0:2.3.0-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-microprofile-opentracing-0:1.3.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-microprofile-rest-client-0:1.4.0-1.redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-opensaml-0:3.3.1-1.redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-23.SP12_redhat_00012.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-resteasy-0:3.11.2-3.Final_redhat_00002.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-smallrye-config-0:1.6.2-3.redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-smallrye-health-0:2.2.0-1.redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-smallrye-metrics-0:2.4.0-1.redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-smallrye-opentracing-0:1.3.4-1.redhat_00004.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-snakeyaml-0:1.24.0-2.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-stax2-api-0:4.2.0-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-sun-istack-commons-0:3.0.10-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-undertow-0:2.0.30-3.SP3_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-weld-core-0:3.1.4-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-wildfly-0:7.3.1-5.GA_redhat_00003.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-wildfly-elytron-0:1.10.6-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-wildfly-http-client-0:1.0.20-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-wildfly-transaction-client-0:1.1.11-1.Final_redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-woodstox-core-0:6.0.3-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
eap7-wss4j-0:2.2.5-1.redhat_00001.1.el8eap	cpe:/a:redhat:jboss_enterprise_application_platform:7.3::el8	RHSA-2020:2513	2020-06-11T00:00:00Z
Red Hat Process Automation 7
cxf-core	cpe:/a:redhat:jboss_enterprise_bpms_platform:7.8	RHSA-2020:3197	2020-07-29T00:00:00Z
Text-Only RHOAR
	cpe:/a:redhat:openshift_application_runtimes:1.0	RHSA-2020:2905	2020-07-23T00:00:00Z

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2020-0406	Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter "rs.security.keystore.type" to "jwk". For this case all keys are returned in this file "as is", including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. "oct" keys, which contain secret keys, are not returned at all.
Github GHSA	GHSA-42f2-f9vc-6365	Private key leak in Apache CXF

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.01164.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://cxf.apache.org/security-advisories.data/CVE-2019-12423.txt.asc?version=1&modificationDate=1579178393000&api=v2
https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rd588ff96f18563aeb5f87ac8c6bce7aae86cb1a4d4be483f96e7208c%40%3Cannounce.apache.org%3E
https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2019-12423
https://www.cve.org/CVERecord?id=CVE-2019-12423
https://www.oracle.com/security-alerts/cpuApr2021.html
https://www.oracle.com/security-alerts/cpujul2020.html
https://www.oracle.com/security-alerts/cpuoct2020.html

History

No history.

Subscriptions

Apache Cxf

Oracle Commerce Guided Search Communications Diameter Signaling Router Communications Element Manager Communications Session Report Manager Communications Session Route Manager Flexcube Private Banking Retail Order Broker

Redhat Jboss Enterprise Application Platform Jboss Enterprise Application Platform Cd Jboss Enterprise Bpms Platform Jboss Enterprise Brms Platform Jboss Fuse Openshift Application Runtimes

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2020-01-16T17:42:14.000Z

Updated: 2024-08-04T23:17:40.033Z

Reserved: 2019-05-28T00:00:00.000Z

Link: CVE-2019-12423

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-01-16T18:15:11.400

Modified: 2024-11-21T04:22:48.770

Link: CVE-2019-12423

Redhat

Severity : Moderate

Publid Date: 2020-01-16T00:00:00Z

Links: CVE-2019-12423 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-522

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object