CVE-2018-1336 - Vulnerability Details

- tomcat: A bug in the UTF-8 decoder can lead to DoS

Description

An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.

Published: 2018-08-02

Score: 7.5 High

EPSS: 18.6% Moderate

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Apache Software Foundation

Apache Tomcat

affected

Version	Status	Constraints
`9.0.0.M9 to 9.0.7`	affected	—
`8.5.0 to 8.5.30`	affected	—
`8.0.0.RC1 to 8.0.51`	affected	—
`7.0.28 to 7.0.86`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat::::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc1::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc10::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc2::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc3::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc4::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc5::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc6::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc7::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc8::::::
	cpe:2.3:a:apache:tomcat:8.0.0:rc9::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone10::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone11::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone12::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone13::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone14::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone15::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone16::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone17::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone18::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone19::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone20::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone21::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone22::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone23::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone24::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone25::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone26::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone27::::::
	cpe:2.3:a:apache:tomcat:9.0.0:milestone9::::::

Configuration 2 [-]

OR	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:::::::*
	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.0:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 3 [-]

AND

cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*

OR	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

Configuration 4 [-]

AND

cpe:2.3:a:redhat:jboss_enterprise_web_server:5.0.0:*:*:*:*:*:*:*

OR	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

Configuration 5 [-]

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 7
tomcat-0:7.0.76-8.el7_5	cpe:/o:redhat:enterprise_linux:7	RHSA-2018:2921	2018-10-16T00:00:00Z
Red Hat Fuse 7.2
tomcat	cpe:/a:redhat:jboss_fuse:7	RHSA-2018:3768	2018-12-04T00:00:00Z
Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8
	cpe:/a:redhat:jboss_fuse:6.3	RHSA-2018:2939	2018-10-17T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4
jbossweb	cpe:/a:redhat:jboss_enterprise_application_platform:6.4	RHSA-2018:2740	2018-09-24T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5
codehaus-jackson-0:1.9.9-14.redhat_7.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
guava-libraries-0:13.0.1-5.redhat_3.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
hibernate4-validator-0:4.3.4-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
hornetq-0:2.3.25-27.SP28_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
ironjacamar-eap6-0:1.0.42-2.Final_redhat_2.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-appclient-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-appclient-0:7.5.21-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-bundles-0:7.5.21-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-cli-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-client-all-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-clustering-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-cmp-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-configadmin-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-connector-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-controller-client-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-core-0:7.5.21-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-core-security-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-deployment-repository-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-deployment-scanner-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-domain-0:7.5.21-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-domain-http-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-domain-management-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-ee-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-ee-deployment-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-ejb3-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-embedded-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-host-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-jacorb-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-javadocs-0:7.5.21-2.Final_redhat_1.2.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-jaxr-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-jaxrs-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-jdr-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-jmx-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-jpa-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-jsf-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-jsr77-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-logging-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-mail-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-management-client-content-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-messaging-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-modcluster-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-modules-eap-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-naming-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-network-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-osgi-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-osgi-service-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-picketlink-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-platform-mbean-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-pojo-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-process-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-product-eap-0:7.5.21-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-protocol-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-remoting-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-sar-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-security-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-server-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-standalone-0:7.5.21-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-system-jmx-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-threads-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-transactions-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-version-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-web-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-webservices-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossas-welcome-content-eap-0:7.5.21-2.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-weld-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-as-xts-0:7.5.21-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-ejb-client-0:1.0.41-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-modules-0:1.3.11-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-vfs2-0:3.2.13-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jbossweb-0:7.5.29-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
jboss-xnio-base-0:3.0.17-1.GA_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
picketlink-bindings-0:2.5.4-23.SP18_redhat_2.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
picketlink-federation-0:2.5.4-21.SP18_redhat_2.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
xerces-j2-eap6-0:2.9.1-19.redhat_8.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:2742	2018-09-24T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6
codehaus-jackson-0:1.9.9-14.redhat_7.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
guava-libraries-0:13.0.1-5.redhat_3.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
hibernate4-validator-0:4.3.4-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
hornetq-0:2.3.25-27.SP28_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
ironjacamar-eap6-0:1.0.42-2.Final_redhat_2.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-appclient-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-appclient-0:7.5.21-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-bundles-0:7.5.21-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-cli-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-client-all-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-clustering-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-cmp-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-configadmin-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-connector-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-controller-client-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-core-0:7.5.21-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-core-security-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-deployment-repository-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-deployment-scanner-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-domain-0:7.5.21-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-domain-http-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-domain-management-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-ee-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-ee-deployment-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-ejb3-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-embedded-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-host-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-jacorb-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-javadocs-0:7.5.21-2.Final_redhat_1.2.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-jaxr-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-jaxrs-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-jdr-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-jmx-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-jpa-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-jsf-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-jsr77-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-logging-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-mail-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-management-client-content-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-messaging-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-modcluster-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-modules-eap-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-naming-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-network-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-osgi-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-osgi-service-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-picketlink-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-platform-mbean-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-pojo-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-process-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-product-eap-0:7.5.21-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-protocol-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-remoting-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-sar-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-security-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-server-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-standalone-0:7.5.21-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-system-jmx-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-threads-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-transactions-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-version-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-web-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-webservices-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossas-welcome-content-eap-0:7.5.21-2.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-weld-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-as-xts-0:7.5.21-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-ejb-client-0:1.0.41-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-modules-0:1.3.11-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-vfs2-0:3.2.13-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jbossweb-0:7.5.29-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
jboss-xnio-base-0:3.0.17-1.GA_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
picketlink-bindings-0:2.5.4-23.SP18_redhat_2.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
picketlink-federation-0:2.5.4-21.SP18_redhat_2.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
xerces-j2-eap6-0:2.9.1-19.redhat_8.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:2743	2018-09-24T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7
codehaus-jackson-0:1.9.9-14.redhat_7.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
guava-libraries-0:13.0.1-5.redhat_3.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
hibernate4-validator-0:4.3.4-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
hornetq-0:2.3.25-27.SP28_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
ironjacamar-eap6-0:1.0.42-2.Final_redhat_2.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-appclient-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-appclient-0:7.5.21-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-bundles-0:7.5.21-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-cli-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-client-all-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-clustering-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-cmp-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-configadmin-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-connector-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-controller-client-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-core-0:7.5.21-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-core-security-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-deployment-repository-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-deployment-scanner-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-domain-0:7.5.21-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-domain-http-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-domain-management-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-ee-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-ee-deployment-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-ejb3-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-embedded-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-host-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-jacorb-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-javadocs-0:7.5.21-2.Final_redhat_1.2.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-jaxr-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-jaxrs-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-jdr-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-jmx-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-jpa-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-jsf-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-jsr77-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-logging-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-mail-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-management-client-content-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-messaging-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-modcluster-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-modules-eap-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-naming-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-network-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-osgi-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-osgi-service-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-picketlink-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-platform-mbean-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-pojo-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-process-controller-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-product-eap-0:7.5.21-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-protocol-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-remoting-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-sar-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-security-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-server-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-standalone-0:7.5.21-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-system-jmx-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-threads-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-transactions-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-version-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-web-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-webservices-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossas-welcome-content-eap-0:7.5.21-2.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-weld-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-as-xts-0:7.5.21-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-ejb-client-0:1.0.41-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-modules-0:1.3.11-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-vfs2-0:3.2.13-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jbossweb-0:7.5.29-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
jboss-xnio-base-0:3.0.17-1.GA_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
picketlink-bindings-0:2.5.4-23.SP18_redhat_2.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
picketlink-federation-0:2.5.4-21.SP18_redhat_2.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
xerces-j2-eap6-0:2.9.1-19.redhat_8.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:2741	2018-09-24T00:00:00Z
Red Hat JBoss Operations Network 3.3
jbossweb	cpe:/a:redhat:jboss_operations_network:3.3	RHSA-2018:2930	2018-10-16T00:00:00Z
Red Hat JBoss Web Server 3.1
tomcat7	cpe:/a:redhat:jboss_enterprise_web_server:3.1	RHSA-2018:2700	2018-09-12T00:00:00Z
tomcat8	cpe:/a:redhat:jboss_enterprise_web_server:3.1	RHSA-2018:2700	2018-09-12T00:00:00Z
Red Hat JBoss Web Server 3 for RHEL 6
tomcat7-0:7.0.70-29.ep7.el6	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6	RHSA-2018:2701	2018-09-12T00:00:00Z
tomcat8-0:8.0.36-33.ep7.el6	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6	RHSA-2018:2701	2018-09-12T00:00:00Z
Red Hat JBoss Web Server 3 for RHEL 7
tomcat7-0:7.0.70-29.ep7.el7	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7	RHSA-2018:2701	2018-09-12T00:00:00Z
tomcat8-0:8.0.36-33.ep7.el7	cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7	RHSA-2018:2701	2018-09-12T00:00:00Z
Red Hat JBoss Web Server 5.0 on RHEL 6
jws5-0:1-5.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHEA-2018:2189	2018-07-12T00:00:00Z
jws5-ecj-0:4.6.1-5.redhat_1.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHEA-2018:2189	2018-07-12T00:00:00Z
jws5-javapackages-tools-0:3.4.1-5.15.7.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHEA-2018:2189	2018-07-12T00:00:00Z
jws5-jboss-logging-0:3.3.1-4.Final_redhat_1.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHEA-2018:2189	2018-07-12T00:00:00Z
jws5-mod_cluster-0:1.4.0-8.Final_redhat_1.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHEA-2018:2189	2018-07-12T00:00:00Z
jws5-tomcat-0:9.0.7-10.redhat_10.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHEA-2018:2189	2018-07-12T00:00:00Z
jws5-tomcat-native-0:1.2.17-20.redhat_20.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHEA-2018:2189	2018-07-12T00:00:00Z
jws5-tomcat-vault-0:1.1.7-3.Final_redhat_1.1.el6jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el6	RHEA-2018:2189	2018-07-12T00:00:00Z
Red Hat JBoss Web Server 5.0 on RHEL 7
jws5-0:1-5.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHEA-2018:2188	2018-07-12T00:00:00Z
jws5-ecj-0:4.6.1-5.redhat_1.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHEA-2018:2188	2018-07-12T00:00:00Z
jws5-javapackages-tools-0:3.4.1-5.15.7.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHEA-2018:2188	2018-07-12T00:00:00Z
jws5-jboss-logging-0:3.3.1-4.Final_redhat_1.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHEA-2018:2188	2018-07-12T00:00:00Z
jws5-mod_cluster-0:1.4.0-8.Final_redhat_1.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHEA-2018:2188	2018-07-12T00:00:00Z
jws5-tomcat-0:9.0.7-10.redhat_10.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHEA-2018:2188	2018-07-12T00:00:00Z
jws5-tomcat-native-0:1.2.17-20.redhat_20.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHEA-2018:2188	2018-07-12T00:00:00Z
jws5-tomcat-vault-0:1.1.7-3.Final_redhat_1.1.el7jws	cpe:/a:redhat:jboss_enterprise_web_server:5.0::el7	RHEA-2018:2188	2018-07-12T00:00:00Z
Text-Only RHOAR
	cpe:/a:redhat:openshift_application_runtimes:1.0	RHSA-2018:2945	2018-10-18T00:00:00Z

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DLA	DLA-1491-1	tomcat8 security update
Debian DSA	DSA-4281-1	tomcat8 security update
EUVD	EUVD-2018-0635	An improper handing of overflow in the UTF-8 decoder with supplementary characters can lead to an infinite loop in the decoder causing a Denial of Service. Versions Affected: Apache Tomcat 9.0.0.M9 to 9.0.7, 8.5.0 to 8.5.30, 8.0.0.RC1 to 8.0.51, and 7.0.28 to 7.0.86.
Github GHSA	GHSA-m59c-jpc8-m2x4	In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder
Ubuntu USN	USN-3723-1	Tomcat vulnerabilities
Ubuntu USN	USN-4791-1	Apache Tomcat 7 vulnerabilities

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.18551.

Exploitation none

Automatable yes

Technical Impact partial

References

Link	Providers
http://mail-archives.us.apache.org/mod_mbox/www-announce/201807.mbox/%3C20180722090435.GA60759%40minotaur.apache.org%3E
http://www.securityfocus.com/bid/104898
http://www.securitytracker.com/id/1041375
https://access.redhat.com/errata/RHEA-2018:2188
https://access.redhat.com/errata/RHEA-2018:2189
https://access.redhat.com/errata/RHSA-2018:2700
https://access.redhat.com/errata/RHSA-2018:2701
https://access.redhat.com/errata/RHSA-2018:2740
https://access.redhat.com/errata/RHSA-2018:2741
https://access.redhat.com/errata/RHSA-2018:2742
https://access.redhat.com/errata/RHSA-2018:2743
https://access.redhat.com/errata/RHSA-2018:2921
https://access.redhat.com/errata/RHSA-2018:2930
https://access.redhat.com/errata/RHSA-2018:2939
https://access.redhat.com/errata/RHSA-2018:2945
https://access.redhat.com/errata/RHSA-2018:3768
https://lists.apache.org/thread.html/1dd0a59c1295cc08ce4c9e7edae5ad2268acc9ba55adcefa0532e5ba%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/343558d982879bf88ec20dbf707f8c11255f8e219e81d45c4f8d0551%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/388a323769f1dff84c9ec905455aa73fbcb20338e3c7eb131457f708%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/3d19773b4cf0377db62d1e9328bf9160bf1819f04f988315086931d7%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/5c0e00fd31efc11e147bf99d0f03c00a734447d3b131ab0818644cdb%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/6af47120905aa7d8fe12f42e8ff2284fb338ba141d3b77b8c7cb61b3%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/845312a10aabbe2c499fca94003881d2c79fc993d85f34c1f5c77424%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/88855876c33f2f9c532ffb75bfee570ccf0b17ffa77493745af9a17a%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/b5e3f51d28cd5d9b1809f56594f2cf63dcd6a90429e16ea9f83bbedc%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/e85e83e9954f169bbb77b44baae5a33d8de878df557bb32b7f793661%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/eb6efa8d59c45a7a9eff94c4b925467d3b3fec8ba7697f3daa314b04%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r3bbb800a816d0a51eccc5a228c58736960a9fffafa581a225834d97d%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r48c1444845fe15a823e1374674bfc297d5008a5453788099ea14caf0%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r6ccee4e849bc77df0840c7f853f6bd09d426f6741247da2b7429d5d9%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/r9136ff5b13e4f1941360b5a309efee2c114a14855578c3a2cbe5d19c%40%3Cdev.tomcat.apache.org%3E
https://lists.apache.org/thread.html/raba0fabaf4d56d4325ab2aca8814f0b30a237ab83d8106b115ee279a%40%3Cdev.tomcat.apache.org%3E
https://lists.debian.org/debian-lts-announce/2018/09/msg00001.html
https://nvd.nist.gov/vuln/detail/CVE-2018-1336
https://security.netapp.com/advisory/ntap-20180817-0001/
https://support.f5.com/csp/article/K73008537?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/3723-1/
https://www.cve.org/CVERecord?id=CVE-2018-1336
https://www.debian.org/security/2018/dsa-4281
https://www.oracle.com/security-alerts/cpuapr2020.html

History

Thu, 14 Nov 2024 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Subscriptions

Apache Tomcat

Canonical Ubuntu Linux

Debian Debian Linux

Redhat Enterprise Linux Enterprise Linux Desktop Enterprise Linux Server Enterprise Linux Workstation Jboss Enterprise Application Platform Jboss Enterprise Web Server Jboss Fuse Jboss Operations Network Openshift Application Runtimes

MITRE

Status: PUBLISHED

Assigner: apache

Published: 2018-08-02T14:00:00.000Z

Updated: 2024-11-14T20:35:47.322Z

Reserved: 2017-12-07T00:00:00.000Z

Link: CVE-2018-1336

Vulnrichment

Updated: 2024-08-05T03:59:38.542Z

NVD

Status : Modified

Published: 2018-08-02T14:29:00.270

Modified: 2024-11-21T03:59:38.967

Link: CVE-2018-1336

Redhat

Severity : Important

Publid Date: 2018-07-22T00:00:00Z

Links: CVE-2018-1336 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-835

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Exploitation none

Automatable yes

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object