{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-02-27T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-07-20T22:52:59.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "USN-2551-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2551-1"}, {"name": "RHSA-2016:1376", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2016:1376"}, {"name": "RHSA-2016:1841", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1841.html"}, {"name": "[tomcat-taglibs-user] 20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://mail-archives.apache.org/mod_mbox/tomcat-taglibs-user/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E"}, {"name": "RHSA-2016:1838", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1838.html"}, {"name": "20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/534772/100/0/threaded"}, {"name": "RHSA-2015:1695", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1695.html"}, {"name": "RHSA-2016:1839", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1839.html"}, {"name": "openSUSE-SU-2015:1751", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00033.html"}, {"name": "72809", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/72809"}, {"name": "RHSA-2016:1840", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1840.html"}, {"name": "1034934", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1034934"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [27/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/8a20e48acb2a40be5130df91cf9d39d8ad93181989413d4abcaa4914%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200203 svn commit: r1873527 [27/30] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rfc2bfd99c340dafd501676693cd889c1f9f838b97bdd0776a8f5557d%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rc1686f6196bb9063bf26577a21b8033c19c1a30e5a9159869c8f3d38%40%3Cpluto-dev.portals.apache.org%3E"}, {"name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-792 Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf1179e6971bc46f0f68879a9a10cc97ad4424451b0889aeef04c8077%40%3Cpluto-scm.portals.apache.org%3E"}, {"name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r6c93d8ade3788dbc00f5a37238bc278e7d859f2446b885460783a16f%40%3Cpluto-dev.portals.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-0254", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "USN-2551-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2551-1"}, {"name": "RHSA-2016:1376", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1376"}, {"name": "RHSA-2016:1841", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1841.html"}, {"name": "[tomcat-taglibs-user] 20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags", "refsource": "MLIST", "url": "http://mail-archives.apache.org/mod_mbox/tomcat-taglibs-user/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E"}, {"name": "RHSA-2016:1838", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1838.html"}, {"name": "20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534772/100/0/threaded"}, {"name": "RHSA-2015:1695", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1695.html"}, {"name": "RHSA-2016:1839", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1839.html"}, {"name": "openSUSE-SU-2015:1751", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00033.html"}, {"name": "72809", "refsource": "BID", "url": "http://www.securityfocus.com/bid/72809"}, {"name": "RHSA-2016:1840", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1840.html"}, {"name": "1034934", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034934"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [27/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/8a20e48acb2a40be5130df91cf9d39d8ad93181989413d4abcaa4914@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200203 svn commit: r1873527 [27/30] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rfc2bfd99c340dafd501676693cd889c1f9f838b97bdd0776a8f5557d@%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220@%3Cdev.tomcat.apache.org%3E"}, {"name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc1686f6196bb9063bf26577a21b8033c19c1a30e5a9159869c8f3d38@%3Cpluto-dev.portals.apache.org%3E"}, {"name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-792 Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf1179e6971bc46f0f68879a9a10cc97ad4424451b0889aeef04c8077@%3Cpluto-scm.portals.apache.org%3E"}, {"name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6c93d8ade3788dbc00f5a37238bc278e7d859f2446b885460783a16f@%3Cpluto-dev.portals.apache.org%3E"}, {"name": "https://www.oracle.com//security-alerts/cpujul2021.html", "refsource": "MISC", "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"name": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:03:10.466Z"}, "title": "CVE Program Container", "references": [{"name": "USN-2551-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2551-1"}, {"name": "RHSA-2016:1376", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2016:1376"}, {"name": "RHSA-2016:1841", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1841.html"}, {"name": "[tomcat-taglibs-user] 20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://mail-archives.apache.org/mod_mbox/tomcat-taglibs-user/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E"}, {"name": "RHSA-2016:1838", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1838.html"}, {"name": "20150227 [SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/534772/100/0/threaded"}, {"name": "RHSA-2015:1695", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1695.html"}, {"name": "RHSA-2016:1839", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1839.html"}, {"name": "openSUSE-SU-2015:1751", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00033.html"}, {"name": "72809", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/72809"}, {"name": "RHSA-2016:1840", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2016-1840.html"}, {"name": "1034934", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1034934"}, {"name": "[tomcat-dev] 20190319 svn commit: r1855831 [27/30] - in /tomcat/site/trunk: ./ docs/ xdocs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/8a20e48acb2a40be5130df91cf9d39d8ad93181989413d4abcaa4914%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20190325 svn commit: r1856174 [26/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200203 svn commit: r1873527 [27/30] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rfc2bfd99c340dafd501676693cd889c1f9f838b97bdd0776a8f5557d%40%3Cdev.tomcat.apache.org%3E"}, {"name": "[tomcat-dev] 20200213 svn commit: r1873980 [31/34] - /tomcat/site/trunk/docs/", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"name": "[portals-pluto-dev] 20210714 [jira] [Closed] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rc1686f6196bb9063bf26577a21b8033c19c1a30e5a9159869c8f3d38%40%3Cpluto-dev.portals.apache.org%3E"}, {"name": "[portals-pluto-scm] 20210714 [portals-pluto] branch master updated: PLUTO-792 Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf1179e6971bc46f0f68879a9a10cc97ad4424451b0889aeef04c8077%40%3Cpluto-scm.portals.apache.org%3E"}, {"name": "[portals-pluto-dev] 20210714 [jira] [Created] (PLUTO-792) Upgrade to taglibs-standard-impl-1.2.3 due to CVE-2015-0254", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r6c93d8ade3788dbc00f5a37238bc278e7d859f2446b885460783a16f%40%3Cpluto-dev.portals.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-0254", "datePublished": "2015-03-09T14:00:00.000Z", "dateReserved": "2014-11-18T00:00:00.000Z", "dateUpdated": "2024-08-06T04:03:10.466Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:standard_taglibs:*:*:*:*:*:*:*:*", "matchCriteriaId": "647C861D-A337-4331-9F9E-47220AC2F757", "versionEndIncluding": "1.2.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag."}, {"lang": "es", "value": "Apache Standard Taglibs anterior a 1.2.3 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o realizar ataques de entidad externa XML (XXE) a trav\u00e9s de una extensi\u00f3n XSLT manipulada en una etiqueta (1) o (2) JSTL XML."}], "evaluatorComment": "<a href=\"http://cwe.mitre.org/data/definitions/611.html\" target=\"_blank\">CWE-611: Improper Restriction of XML External Entity Reference ('XXE')</a>", "id": "CVE-2015-0254", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-03-09T14:59:04.263", "references": [{"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00033.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://mail-archives.apache.org/mod_mbox/tomcat-taglibs-user/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1695.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-1838.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-1839.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-1840.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2016-1841.html"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/534772/100/0/threaded"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/72809"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1034934"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2551-1"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2016:1376"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/8a20e48acb2a40be5130df91cf9d39d8ad93181989413d4abcaa4914%40%3Cdev.tomcat.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/r6c93d8ade3788dbc00f5a37238bc278e7d859f2446b885460783a16f%40%3Cpluto-dev.portals.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/rc1686f6196bb9063bf26577a21b8033c19c1a30e5a9159869c8f3d38%40%3Cpluto-dev.portals.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/rf1179e6971bc46f0f68879a9a10cc97ad4424451b0889aeef04c8077%40%3Cpluto-scm.portals.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://lists.apache.org/thread.html/rfc2bfd99c340dafd501676693cd889c1f9f838b97bdd0776a8f5557d%40%3Cdev.tomcat.apache.org%3E"}, {"source": "secalert@redhat.com", "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"source": "secalert@redhat.com", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2015-10/msg00033.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://mail-archives.apache.org/mod_mbox/tomcat-taglibs-user/201502.mbox/%3C82207A16-6348-4DEE-877E-F7B87292576A%40apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/130575/Apache-Standard-Taglibs-1.2.1-XXE-Remote-Command-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2015-1695.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-1838.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-1839.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-1840.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2016-1841.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/534772/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/72809"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1034934"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/USN-2551-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/errata/RHSA-2016:1376"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/8a20e48acb2a40be5130df91cf9d39d8ad93181989413d4abcaa4914%40%3Cdev.tomcat.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/f8e0814e11c7f21f42224b6de111cb3f5e5ab5c15b78924c516d4ec2%40%3Cdev.tomcat.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r6c93d8ade3788dbc00f5a37238bc278e7d859f2446b885460783a16f%40%3Cpluto-dev.portals.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rc1686f6196bb9063bf26577a21b8033c19c1a30e5a9159869c8f3d38%40%3Cpluto-dev.portals.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/re3b72cbb13e1dfe85c4a06959a3b6ca6d939b407ecca80db12b54220%40%3Cdev.tomcat.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf1179e6971bc46f0f68879a9a10cc97ad4424451b0889aeef04c8077%40%3Cpluto-scm.portals.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rfc2bfd99c340dafd501676693cd889c1f9f838b97bdd0776a8f5557d%40%3Cdev.tomcat.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com//security-alerts/cpujul2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Apache Software Foundation and David Jorm (IIX) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2015:1695", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "jakarta-taglibs-standard-0:1.1.1-11.7.el6_7", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-08-31T00:00:00Z"}, {"advisory": "RHSA-2015:1695", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "jakarta-taglibs-standard-0:1.1.2-14.el7_1", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-08-31T00:00:00Z"}, {"advisory": "RHSA-2016:1841", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "product_name": "Red Hat JBoss EAP 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:0125", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "apache-cxf-0:2.7.18-1.redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hibernate4-eap6-0:4.2.22-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hibernate4-validator-0:4.3.2-3.Final_redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hornetq-0:2.3.25-10.SP8_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "httpserver-0:1.0.6-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "infinispan-0:5.2.17-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "ironjacamar-eap6-0:1.0.35-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-appclient-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-appclient-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-bundles-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cli-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-client-all-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-clustering-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cmp-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-configadmin-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-connector-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-client-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-core-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-core-security-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-repository-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-scanner-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-domain-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-http-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-management-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-deployment-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ejb3-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-embedded-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-host-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jacorb-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-javadocs-0:7.5.6-2.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxr-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxrs-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jdr-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jmx-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jpa-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsf-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsr77-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-logging-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-mail-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-management-client-content-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-messaging-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-modcluster-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-modules-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-naming-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-network-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-configadmin-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-service-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-picketlink-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-platform-mbean-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-pojo-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-process-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-product-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-protocol-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-remoting-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-sar-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-security-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-server-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-standalone-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-system-jmx-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-threads-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-transactions-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-version-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-web-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-webservices-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-welcome-content-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-weld-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-xts-0:7.5.6-1.Final_redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-jstl-api_1.2_spec-0:1.0.9-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-remote-naming-0:1.0.12-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-remoting3-0:3.3.7-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossws-cxf-0:4.3.6-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jgroups-1:3.2.15-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "wss4j-0:1.6.19-3.redhat_2.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0121", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "xml-security-0:1.5.8-1.redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "apache-cxf-0:2.7.18-1.redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hibernate4-eap6-0:4.2.22-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hibernate4-validator-0:4.3.2-3.Final_redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hornetq-0:2.3.25-10.SP8_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "httpserver-0:1.0.6-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "infinispan-0:5.2.17-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "ironjacamar-eap6-0:1.0.35-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-appclient-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-appclient-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-bundles-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cli-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-client-all-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-clustering-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cmp-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-configadmin-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-connector-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-client-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-core-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-core-security-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-repository-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-scanner-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-domain-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-http-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-management-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-deployment-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ejb3-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-embedded-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-host-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jacorb-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-javadocs-0:7.5.6-2.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxr-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxrs-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jdr-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jmx-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jpa-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsf-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsr77-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-logging-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-mail-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-management-client-content-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-messaging-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-modcluster-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-modules-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-naming-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-network-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-configadmin-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-service-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-picketlink-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-platform-mbean-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-pojo-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-process-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-product-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-protocol-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-remoting-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-sar-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-security-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-server-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-standalone-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-system-jmx-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-threads-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-transactions-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-version-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-web-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-webservices-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-welcome-content-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-weld-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-xts-0:7.5.6-1.Final_redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-jstl-api_1.2_spec-0:1.0.9-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-remote-naming-0:1.0.12-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-remoting3-0:3.3.7-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossws-cxf-0:4.3.6-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jgroups-1:3.2.15-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "wss4j-0:1.6.19-3.redhat_2.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0122", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "xml-security-0:1.5.8-1.redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0124", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-ec2-eap-0:7.5.6-1.Final_redhat_1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "apache-cxf-0:2.7.18-1.redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hibernate4-eap6-0:4.2.22-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hibernate4-validator-0:4.3.2-3.Final_redhat_3.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hornetq-0:2.3.25-10.SP8_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "httpserver-0:1.0.6-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "infinispan-0:5.2.17-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "ironjacamar-eap6-0:1.0.35-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-appclient-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-appclient-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-bundles-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cli-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-client-all-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-clustering-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cmp-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-configadmin-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-connector-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-client-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-core-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-core-security-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-repository-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-scanner-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-domain-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-http-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-management-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-deployment-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ejb3-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-embedded-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-host-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jacorb-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-javadocs-0:7.5.6-2.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxr-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxrs-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jdr-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jmx-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jpa-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsf-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsr77-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-logging-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-mail-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-management-client-content-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-messaging-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-modcluster-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-modules-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-naming-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-network-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-configadmin-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-service-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-picketlink-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-platform-mbean-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-pojo-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-process-controller-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-product-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-protocol-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-remoting-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-sar-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-security-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-server-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-standalone-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-system-jmx-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-threads-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-transactions-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-version-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-web-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-webservices-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-welcome-content-eap-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-weld-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-xts-0:7.5.6-1.Final_redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-jstl-api_1.2_spec-0:1.0.9-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-remote-naming-0:1.0.12-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-remoting3-0:3.3.7-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossws-cxf-0:4.3.6-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jgroups-1:3.2.15-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "wss4j-0:1.6.19-3.redhat_2.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:0123", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "xml-security-0:1.5.8-1.redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2016-02-04T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-activemq-artemis-0:1.1.0-15.SP18_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-apache-cxf-0:3.1.6-1.redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jberet-0:1.2.1-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-jstl-api_1.2_spec-0:1.1.3-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-security-negotiation-0:3.0.3-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jbossws-common-0:3.1.3-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jbossws-cxf-0:5.1.5-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jbossws-spi-0:3.1.2-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jgroups-0:3.6.10-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-mod_cluster-0:1.3.3-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-picketbox-0:4.9.7-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-picketlink-bindings-0:2.5.5-3.SP3_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-picketlink-federation-0:2.5.5-3.SP3_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-resteasy-0:3.0.18-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-undertow-0:1.3.24-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-0:7.0.2-2.GA_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-javadocs-0:7.0.2-1.GA_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-web-console-eap-0:2.8.27-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wss4j-0:2.1.5-1.redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-xalan-j2-0:2.7.1-25.redhat_11.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1838", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-xml-security-0:2.0.6-1.redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1840", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-ec2-eap-0:7.0.2-2.GA_redhat_1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-activemq-artemis-0:1.1.0-15.SP18_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-apache-cxf-0:3.1.6-1.redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jberet-0:1.2.1-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-jstl-api_1.2_spec-0:1.1.3-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-security-negotiation-0:3.0.3-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jbossws-common-0:3.1.3-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jbossws-cxf-0:5.1.5-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jbossws-spi-0:3.1.2-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jgroups-0:3.6.10-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-mod_cluster-0:1.3.3-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-picketbox-0:4.9.7-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-picketlink-bindings-0:2.5.5-3.SP3_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-picketlink-federation-0:2.5.5-3.SP3_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-resteasy-0:3.0.18-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-undertow-0:1.3.24-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-wildfly-0:7.0.2-2.GA_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-wildfly-javadocs-0:7.0.2-1.GA_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-wildfly-web-console-eap-0:2.8.27-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-wss4j-0:2.1.5-1.redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-xalan-j2-0:2.7.1-25.redhat_11.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1839", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-xml-security-0:2.0.6-1.redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1840", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-ec2-eap-0:7.0.2-2.GA_redhat_1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2016-09-08T00:00:00Z"}, {"advisory": "RHSA-2016:1376", "cpe": "cpe:/a:redhat:jboss_enterprise_soa_platform:5.3", "package": "web", "product_name": "Red Hat JBoss SOA Platform 5.3", "release_date": "2016-06-30T00:00:00Z"}], "bugzilla": {"description": "jakarta-taglibs-standard: XXE and RCE via XSL extension in JSTL XML tags", "id": "1198606", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1198606"}, "csaw": false, "cvss": {"cvss_base_score": "6.8", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "status": "verified"}, "cvss3": {"cvss3_base_score": "7.6", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L", "status": "verified"}, "details": ["Apache Standard Taglibs before 1.2.3 allows remote attackers to execute arbitrary code or conduct external XML entity (XXE) attacks via a crafted XSLT extension in a (1) <x:parse> or (2) <x:transform> JSTL XML tag.", "It was found that the Java Standard Tag Library (JSTL) allowed the processing of untrusted XML documents to utilize external entity references, which could access resources on the host system and, potentially, allowing arbitrary code execution."], "mitigation": {"lang": "en:us", "value": "Users should upgrade to Apache Standard Taglibs 1.2.3 or later.\nThis version uses JAXP\u2019s FEATURE_SECURE_PROCESSING to restrict XML processing. Depending on the Java runtime version in use, additional configuration may be required:\nJava8:\nExternal entity access is automatically disabled if a SecurityManager is active.\nJava7:\nJAXP properties may need to be used to disable external access. See http://docs.oracle.com/javase/tutorial/jaxp/properties/properties.html\nJava6 and earlier:\nA new system property org.apache.taglibs.standard.xml.accessExternalEntity may be used to specify the protocols that can be used to access external entities. This defaults to \"all\" if no SecurityManager is present and to \"\" (thereby disabling access) if a SecurityManager is detected."}, "name": "CVE-2015-0254", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Affected", "package_name": "jakarta-taglibs-standard", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "jetty", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:5", "fix_state": "Will not fix", "package_name": "web", "product_name": "Red Hat JBoss BRMS 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "fix_state": "Affected", "package_name": "web", "product_name": "Red Hat JBoss Enterprise Application Platform 5"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Affected", "package_name": "eap7", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:1", "fix_state": "Not affected", "package_name": "tomcat6", "product_name": "Red Hat JBoss Enterprise Web Server 1"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3", "fix_state": "Not affected", "package_name": "tomcat7", "product_name": "Red Hat JBoss Enterprise Web Server 3"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Will not fix", "package_name": "jbossas", "product_name": "Red Hat JBoss Operations Network 3"}, {"cpe": "cpe:/a:redhat:network_satellite:5.4", "fix_state": "Not affected", "package_name": "jakarta-taglibs-standard", "product_name": "Red Hat Satellite 5.4"}, {"cpe": "cpe:/a:redhat:network_satellite:5.5", "fix_state": "Not affected", "package_name": "jakarta-taglibs-standard", "product_name": "Red Hat Satellite 5.5"}, {"cpe": "cpe:/a:redhat:network_satellite:5.6", "fix_state": "Not affected", "package_name": "jakarta-taglibs-standard", "product_name": "Red Hat Satellite 5.6"}, {"cpe": "cpe:/a:redhat:network_satellite:5.7", "fix_state": "Not affected", "package_name": "jakarta-taglibs-standard", "product_name": "Red Hat Satellite 5.7"}, {"cpe": "cpe:/a:redhat:rhel_software_collections:2", "fix_state": "Affected", "package_name": "rh-java-common-jetty", "product_name": "Red Hat Software Collections"}], "public_date": "2015-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-0254\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-0254"], "statement": "Users of EAP 6.x and 7.0 should upgrade to at least 6.4.9 and pass the following system property on startup to prevent XXE attacks in JSTL:\norg.apache.taglibs.standard.xml.accessExternalEntity=false\nFor more details please see refer to this KCS solution:\nhttps://access.redhat.com/solutions/1584363", "threat_severity": "Important"}

{}