{"containers": {"cna": {"affected": [{"product": "Soteria", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "before 1.0.1"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-05-04T16:43:21", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1732"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/wildfly-security/soteria/commit/c2479f8c39d7d661341fdcaff7f5e97c5eea1a54"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-1732", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Soteria", "version": {"version_data": [{"version_value": "before 1.0.1"}]}}]}, "vendor_name": "Red Hat"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request."}]}, "impact": {"cvss": [[{"vectorString": "4.2/CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-284"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1732", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1732"}, {"name": "https://github.com/wildfly-security/soteria/commit/c2479f8c39d7d661341fdcaff7f5e97c5eea1a54", "refsource": "CONFIRM", "url": "https://github.com/wildfly-security/soteria/commit/c2479f8c39d7d661341fdcaff7f5e97c5eea1a54"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:46:30.866Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1732"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/wildfly-security/soteria/commit/c2479f8c39d7d661341fdcaff7f5e97c5eea1a54"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-1732", "datePublished": "2020-05-04T16:43:21", "dateReserved": "2019-11-27T00:00:00", "dateUpdated": "2024-08-04T06:46:30.866Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:soteria:*:*:*:*:*:*:*:*", "matchCriteriaId": "4045E651-4CE2-463E-90EC-62ED2B5E488F", "versionEndExcluding": "1.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "72A54BDA-311C-413B-8E4D-388AD65A170A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:jboss_enterprise_application_platform_continuous_delivery:-:*:*:*:*:*:*:*", "matchCriteriaId": "BEFE06C8-4BF0-4EC0-A848-BF16CFCCDA57", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openshift_application_runtimes:-:*:*:*:*:*:*:*", "matchCriteriaId": "A33441B3-B301-426C-A976-08CE5FE72EFB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en Soteria versiones anteriores a la versi\u00f3n 1.0.1, en un modo en el que m\u00faltiples peticiones pueden ocurrir simult\u00e1neamente causan una corrupci\u00f3n de identidad de seguridad por medio de subprocesos (hilos) concurrentes cuando se usa EE Security con WildFly Elytron, lo que puede conllevar a una posibilidad de que se maneje usando la identidad de otra petici\u00f3n ."}], "id": "CVE-2020-1732", "lastModified": "2023-11-07T03:19:30.467", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.9, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2020-05-04T17:15:12.357", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1732"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/wildfly-security/soteria/commit/c2479f8c39d7d661341fdcaff7f5e97c5eea1a54"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2020:2333", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:19", "package": "wildfly", "product_name": "EAP-CD 19 Tech Preview", "release_date": "2020-05-28T00:00:00Z"}, {"advisory": "RHSA-2020:2061", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2", "package": "wildfly", "product_name": "Red Hat JBoss EAP 7.2", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-apache-cxf-0:3.2.12-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-glassfish-el-0:3.0.1-5.b08_redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-glassfish-javamail-0:1.6.2-2.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-glassfish-jsf-0:2.3.5-10.SP3_redhat_00008.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-hal-console-0:3.0.21-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-hibernate-commons-annotations-0:5.0.5-1.Final_redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-hibernate-search-0:5.10.7-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-httpcomponents-client-0:4.5.4-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-httpcomponents-core-0:4.4.5-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jackson-databind-0:2.9.10.2-2.redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jasypt-0:1.9.3-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-javaee-security-soteria-0:1.0.0-3.redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jaxbintros-0:1.0.3-1.GA_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-batch-api_1.0_spec-0:1.0.2-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-classfilewriter-0:1.2.4-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-common-beans-0:2.0.1-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-ejb-api_3.2_spec-0:1.0.2-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-invocation-0:1.5.2-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-5.SP2_redhat_00003.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-modules-0:1.8.9-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-openjdk-orb-0:8.1.4-3.Final_redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-security-negotiation-0:3.0.6-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-server-migration-0:1.3.1-10.Final_redhat_00011.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-threads-0:2.3.3-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jboss-websocket-api_1.1_spec-0:1.1.4-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jbossws-common-0:3.2.3-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jgroups-0:4.0.20-2.Final_redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jgroups-azure-0:1.2.1-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-jgroups-kubernetes-0:1.0.13-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-mod_cluster-0:1.4.1-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-narayana-0:5.9.8-1.Final_redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-opensaml-0:3.3.1-1.redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-resteasy-0:3.6.1-9.SP8_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-smallrye-config-0:1.3.6-1.SP01_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-smallrye-health-0:1.0.2-2.redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-undertow-0:2.0.30-2.SP2_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-weld-cdi-2.0-api-0:2.0.0-4.SP1_redhat_00004.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-0:7.2.8-3.GA_redhat_00002.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-elytron-0:1.6.6-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wildfly-transaction-client-0:1.1.10-1.Final_redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-ws-commons-XmlSchema-0:2.2.4-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2058", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6", "package": "eap7-wss4j-0:2.2.5-1.redhat_00001.1.el6eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 6", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-apache-cxf-0:3.2.12-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-glassfish-el-0:3.0.1-5.b08_redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-glassfish-javamail-0:1.6.2-2.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-glassfish-jsf-0:2.3.5-10.SP3_redhat_00008.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-hal-console-0:3.0.21-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-hibernate-commons-annotations-0:5.0.5-1.Final_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-hibernate-search-0:5.10.7-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-httpcomponents-client-0:4.5.4-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-httpcomponents-core-0:4.4.5-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jackson-databind-0:2.9.10.2-2.redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jasypt-0:1.9.3-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-javaee-security-soteria-0:1.0.0-3.redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jaxbintros-0:1.0.3-1.GA_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-batch-api_1.0_spec-0:1.0.2-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-classfilewriter-0:1.2.4-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-common-beans-0:2.0.1-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-ejb-api_3.2_spec-0:1.0.2-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-invocation-0:1.5.2-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-5.SP2_redhat_00003.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-modules-0:1.8.9-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-openjdk-orb-0:8.1.4-3.Final_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-security-negotiation-0:3.0.6-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-server-migration-0:1.3.1-10.Final_redhat_00011.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-threads-0:2.3.3-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jboss-websocket-api_1.1_spec-0:1.1.4-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jbossws-common-0:3.2.3-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jgroups-0:4.0.20-2.Final_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jgroups-azure-0:1.2.1-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-jgroups-kubernetes-0:1.0.13-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-mod_cluster-0:1.4.1-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-narayana-0:5.9.8-1.Final_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-opensaml-0:3.3.1-1.redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-resteasy-0:3.6.1-9.SP8_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-smallrye-config-0:1.3.6-1.SP01_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-smallrye-health-0:1.0.2-2.redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-undertow-0:2.0.30-2.SP2_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-weld-cdi-2.0-api-0:2.0.0-4.SP1_redhat_00004.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-0:7.2.8-3.GA_redhat_00002.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-elytron-0:1.6.6-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wildfly-transaction-client-0:1.1.10-1.Final_redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-ws-commons-XmlSchema-0:2.2.4-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2059", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7", "package": "eap7-wss4j-0:2.2.5-1.redhat_00001.1.el7eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 7", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-activemq-artemis-0:2.9.0-4.redhat_00010.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-apache-cxf-0:3.2.12-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-bouncycastle-0:1.60.0-2.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-codehaus-jackson-0:1.9.13-10.redhat_00007.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-cryptacular-0:1.2.4-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-glassfish-el-0:3.0.1-5.b08_redhat_00004.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-glassfish-javamail-0:1.6.2-2.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-glassfish-jsf-0:2.3.5-10.SP3_redhat_00008.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-hal-console-0:3.0.21-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-hibernate-commons-annotations-0:5.0.5-1.Final_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-hibernate-search-0:5.10.7-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-httpcomponents-client-0:4.5.4-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-httpcomponents-core-0:4.4.5-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jackson-databind-0:2.9.10.2-2.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jasypt-0:1.9.3-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-javaee-security-soteria-0:1.0.0-3.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jaxbintros-0:1.0.3-1.GA_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-batch-api_1.0_spec-0:1.0.2-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-classfilewriter-0:1.2.4-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-common-beans-0:2.0.1-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-ejb-api_3.2_spec-0:1.0.2-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-ejb-client-0:4.0.31-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-invocation-0:1.5.2-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-jsf-api_2.3_spec-0:2.3.5-5.SP2_redhat_00003.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-modules-0:1.8.9-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-openjdk-orb-0:8.1.4-3.Final_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-remoting-0:5.0.18-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-remoting-jmx-0:3.0.4-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-security-negotiation-0:3.0.6-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-server-migration-0:1.3.1-10.Final_redhat_00011.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-threads-0:2.3.3-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jboss-websocket-api_1.1_spec-0:1.1.4-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jbossws-common-0:3.2.3-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jgroups-0:4.0.20-2.Final_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jgroups-azure-0:1.2.1-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-jgroups-kubernetes-0:1.0.13-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-mod_cluster-0:1.4.1-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-narayana-0:5.9.8-1.Final_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-opensaml-0:3.3.1-1.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-picketbox-0:5.0.3-7.Final_redhat_00006.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-resteasy-0:3.6.1-9.SP8_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-slf4j-jboss-logmanager-0:1.0.4-1.GA_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-smallrye-config-0:1.3.6-1.SP01_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-smallrye-health-0:1.0.2-2.redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-undertow-0:2.0.30-2.SP2_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-weld-cdi-2.0-api-0:2.0.0-4.SP1_redhat_00004.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-wildfly-0:7.2.8-3.GA_redhat_00002.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-wildfly-elytron-0:1.6.6-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-wildfly-naming-client-0:1.0.12-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-wildfly-transaction-client-0:1.1.10-1.Final_redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-ws-commons-XmlSchema-0:2.2.4-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2060", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el8", "package": "eap7-wss4j-0:2.2.5-1.redhat_00001.1.el8eap", "product_name": "Red Hat JBoss Enterprise Application Platform 7.2 for RHEL 8", "release_date": "2020-05-11T00:00:00Z"}, {"advisory": "RHSA-2020:2905", "cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "product_name": "Text-Only RHOAR", "release_date": "2020-07-23T00:00:00Z"}], "bugzilla": {"description": "Soteria: security identity corruption across concurrent threads", "id": "1801726", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801726"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.2", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-284", "details": ["A flaw was found in Soteria before 1.0.1, in a way that multiple requests occurring concurrently causing security identity corruption across concurrent threads when using EE Security with WildFly Elytron which can lead to the possibility of being handled using the identity from another request.", "A flaw was found in WildFly where multiple requests occurring concurrently could be handled using the identity of another request. This vulnerability occurs when using EE Security with WildFly Elytron. The largest threat from this vulnerability is data confidentiality and integrity."], "name": "CVE-2020-1732", "package_state": [{"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7", "fix_state": "Not affected", "package_name": "wildfly", "product_name": "Red Hat Decision Manager 7"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Not affected", "package_name": "wildfly", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Out of support scope", "package_name": "jbossas", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Out of support scope", "package_name": "wildfly", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "fix_state": "Out of support scope", "package_name": "jbossas", "product_name": "Red Hat JBoss Enterprise Application Platform 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6", "fix_state": "Out of support scope", "package_name": "jbossas", "product_name": "Red Hat JBoss Enterprise Application Platform 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Out of support scope", "package_name": "wildfly", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Not affected", "package_name": "wildfly", "product_name": "Red Hat JBoss Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Out of support scope", "package_name": "wildfly", "product_name": "Red Hat JBoss Operations Network 3"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_soa_platform:5", "fix_state": "Out of support scope", "package_name": "jbossas", "product_name": "Red Hat JBoss SOA Platform 5"}, {"cpe": "cpe:/a:redhat:openshift_application_runtimes:1.0", "fix_state": "Affected", "package_name": "wildfly", "product_name": "Red Hat OpenShift Application Runtimes"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_bpms_platform:7", "fix_state": "Not affected", "package_name": "wildfly", "product_name": "Red Hat Process Automation 7"}, {"cpe": "cpe:/a:redhat:red_hat_single_sign_on:7", "fix_state": "Not affected", "package_name": "Soteria", "product_name": "Red Hat Single Sign-On 7"}], "public_date": "2020-02-14T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-1732\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-1732"], "threat_severity": "Low", "upstream_fix": "soteria 1.0.1"}