CVE-2018-7489 - Vulnerability Details

- jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries

Description

FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.

Published: 2018-02-26

Score: 9.8 Critical

EPSS: 36.2% Moderate

KEV: No

Impact:

Action:

Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:fasterxml:jackson-databind::::::::
	cpe:2.3:a:fasterxml:jackson-databind::::::::
	cpe:2.3:a:fasterxml:jackson-databind::::::::

Configuration 2 [-]

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:debian:debian_linux:9.0:::::::*

Configuration 3 [-]

OR	cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:::::::*
	cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:::::::*
	cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1:::::::*

Configuration 4 [-]

OR	cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.4.19:::::::*
	cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.2:::::::*

Package	CPE	Advisory	Released Date
Red Hat Fuse Intergration Services 2.0 based on Fuse 6.3 R8
	cpe:/a:redhat:jboss_fuse:6.3	RHSA-2018:2939	2018-10-17T00:00:00Z
Red Hat JBoss EAP 7.1
	cpe:/a:redhat:jboss_enterprise_application_platform:7.1	RHSA-2018:2088	2018-06-27T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4
jackson-databind	cpe:/a:redhat:jboss_enterprise_application_platform:6.4	RHSA-2018:1447	2018-05-14T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5
codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el5	cpe:/a:redhat:jboss_enterprise_application_platform:6::el5	RHSA-2018:1450	2018-05-14T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6
codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1449	2018-05-14T00:00:00Z
jboss-ec2-eap-0:7.5.20-1.Final_redhat_1.ep6.el6	cpe:/a:redhat:jboss_enterprise_application_platform:6::el6	RHSA-2018:1451	2018-05-14T00:00:00Z
Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7
codehaus-jackson-0:1.9.9-12.redhat_6.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
hornetq-0:2.3.25-26.SP24_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-appclient-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-bundles-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-cli-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-client-all-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-clustering-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-cmp-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-connector-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-controller-client-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-core-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-core-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-deployment-repository-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-deployment-scanner-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-domain-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-domain-http-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-domain-management-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-ee-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-ee-deployment-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-ejb3-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-embedded-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-host-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-jacorb-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-javadocs-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-jaxr-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-jaxrs-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-jdr-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-jpa-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-jsf-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-jsr77-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-logging-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-mail-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-management-client-content-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-messaging-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-modcluster-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-modules-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-naming-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-network-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-osgi-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-osgi-configadmin-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-osgi-service-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-picketlink-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-platform-mbean-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-pojo-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-process-controller-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-product-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-protocol-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-remoting-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-sar-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-security-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-server-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-standalone-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-system-jmx-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-threads-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-transactions-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-version-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-web-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-webservices-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossas-welcome-content-eap-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-weld-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jboss-as-xts-0:7.5.20-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossts-1:4.17.43-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jbossweb-0:7.5.28-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
jgroups-1:3.2.18-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
lucene-solr-0:3.6.2-8.redhat_9.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
picketbox-0:4.1.7-1.Final_redhat_1.1.ep6.el7	cpe:/a:redhat:jboss_enterprise_application_platform:6::el7	RHSA-2018:1448	2018-05-14T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 6
eap7-activemq-artemis-0:1.5.5.012-1.redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-commons-logging-jboss-logmanager-0:1.0.3-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-hibernate-0:5.1.14-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-infinispan-0:8.2.11-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-ironjacamar-0:1.4.9-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-jackson-databind-0:2.8.11.1-1.redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.8.11-2.redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-jackson-module-jaxb-annotations-0:2.8.11-2.redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-jboss-logmanager-0:2.0.10-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-jboss-marshalling-0:2.0.5-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-jboss-modules-0:1.6.4-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-jboss-remoting-0:5.0.7-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-jboss-server-migration-0:1.0.6-3.Final_redhat_3.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-12.SP11_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-picketlink-federation-0:2.5.5-12.SP11_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-undertow-0:1.4.18-6.SP7_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-wildfly-0:7.1.3-2.GA_redhat_2.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-wildfly-elytron-0:1.1.10-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-wildfly-elytron-tool-0:1.0.7-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-wildfly-javadocs-0:7.1.3-1.GA_redhat_2.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-wildfly-naming-client-0:1.0.8-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-wildfly-openssl-0:1.0.6-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
eap7-wildfly-web-console-eap-0:2.9.17-1.Final_redhat_1.1.ep7.el6	cpe:/a:redhat:jboss_enterprise_application_platform:7::el6	RHSA-2018:2090	2018-06-27T00:00:00Z
Red Hat JBoss Enterprise Application Platform 7.1 for RHEL 7
eap7-activemq-artemis-0:1.5.5.012-1.redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-commons-logging-jboss-logmanager-0:1.0.3-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-hibernate-0:5.1.14-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-infinispan-0:8.2.11-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-ironjacamar-0:1.4.9-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-jackson-databind-0:2.8.11.1-1.redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-jackson-jaxrs-providers-0:2.8.11-2.redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-jackson-module-jaxb-annotations-0:2.8.11-2.redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-jboss-logmanager-0:2.0.10-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-jboss-marshalling-0:2.0.5-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-jboss-modules-0:1.6.4-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-jboss-remoting-0:5.0.7-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-jboss-server-migration-0:1.0.6-3.Final_redhat_3.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-picketlink-bindings-0:2.5.5-12.SP11_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-picketlink-federation-0:2.5.5-12.SP11_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-undertow-0:1.4.18-6.SP7_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-wildfly-0:7.1.3-2.GA_redhat_2.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-wildfly-elytron-0:1.1.10-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-wildfly-elytron-tool-0:1.0.7-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-wildfly-javadocs-0:7.1.3-1.GA_redhat_2.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-wildfly-naming-client-0:1.0.8-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-wildfly-openssl-0:1.0.6-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
eap7-wildfly-web-console-eap-0:2.9.17-1.Final_redhat_1.1.ep7.el7	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7	RHSA-2018:2089	2018-06-27T00:00:00Z
Red Hat JBoss Enterprise Application Platform Continuous Delivery
	cpe:/a:redhat:jboss_enterprise_application_platform_cd:13	RHSA-2020:2562	2020-06-15T00:00:00Z
Red Hat Openshift Application Runtimes
jackson-databind	cpe:/a:redhat:openshift_application_runtimes:1.0	RHSA-2018:1786	2018-06-04T00:00:00Z
Red Hat OpenShift Container Platform 3.11
openshift3/ose-logging-elasticsearch5:v3.11.153-2	cpe:/a:redhat:openshift:3.11::el7	RHSA-2019:3149	2019-10-18T00:00:00Z
Red Hat OpenShift Container Platform 4.1
openshift4/ose-logging-elasticsearch5:v4.1.18-201909201915	cpe:/a:redhat:openshift:4.1::el7	RHSA-2019:2858	2019-09-27T00:00:00Z
Red Hat Virtualization 4 for Red Hat Enterprise Linux 7
rhvm-appliance-0:4.2-20180620.0	cpe:/o:redhat:enterprise_linux:7::hypervisor	RHEA-2018:2082	2018-06-28T00:00:00Z
Text-Only RHOAR
	cpe:/a:redhat:openshift_application_runtimes:1.0	RHSA-2018:2938	2018-10-17T00:00:00Z

No data available yet.

Remediation

No vendor fix or workaround currently provided.

Additional remediation guidance may be available on OpenCVE Cloud.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
Debian DSA	DSA-4190-1	jackson-databind security update
Github GHSA	GHSA-cggj-fvv3-cqwv	FasterXML jackson-databind allows unauthenticated remote code execution

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.36207.

Key SSVC decision points have not yet been added.

References

Link	Providers
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/103203
http://www.securitytracker.com/id/1040693
http://www.securitytracker.com/id/1041890
https://access.redhat.com/errata/RHSA-2018:1447
https://access.redhat.com/errata/RHSA-2018:1448
https://access.redhat.com/errata/RHSA-2018:1449
https://access.redhat.com/errata/RHSA-2018:1450
https://access.redhat.com/errata/RHSA-2018:1451
https://access.redhat.com/errata/RHSA-2018:1786
https://access.redhat.com/errata/RHSA-2018:2088
https://access.redhat.com/errata/RHSA-2018:2089
https://access.redhat.com/errata/RHSA-2018:2090
https://access.redhat.com/errata/RHSA-2018:2938
https://access.redhat.com/errata/RHSA-2018:2939
https://access.redhat.com/errata/RHSA-2019:2858
https://access.redhat.com/errata/RHSA-2019:3149
https://access.redhat.com/solutions/3442891
https://github.com/FasterXML/jackson-databind/issues/1931
https://lists.apache.org/thread.html/r1d4a247329a8478073163567bbc8c8cb6b49c6bfc2bf58153a857af1%40%3Ccommits.druid.apache.org%3E
https://nvd.nist.gov/vuln/detail/CVE-2018-7489
https://security.netapp.com/advisory/ntap-20180328-0001/
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us
https://www.cve.org/CVERecord?id=CVE-2018-7489
https://www.debian.org/security/2018/dsa-4190
https://www.oracle.com/security-alerts/cpuoct2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

History

Fri, 23 Aug 2024 05:45:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/a:redhat:jboss_enterprise_application_platform:7::el7~~	cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7

Subscriptions

Debian Debian Linux

Fasterxml Jackson-databind

Oracle Communications Billing And Revenue Management Communications Instant Messaging Server

Redhat Enterprise Linux Jboss Enterprise Application Platform Jboss Enterprise Application Platform Cd Jboss Fuse Openshift Openshift Application Runtimes

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-02-26T15:00:00.000Z

Updated: 2024-08-05T06:31:03.738Z

Reserved: 2018-02-26T00:00:00.000Z

Link: CVE-2018-7489

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-02-26T15:29:00.417

Modified: 2024-11-21T04:12:13.653

Link: CVE-2018-7489

Redhat

Severity : Moderate

Publid Date: 2018-02-26T00:00:00Z

Links: CVE-2018-7489 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object