{"containers": {"cna": {"affected": [{"product": "Apache Log4j", "vendor": "Apache Software Foundation", "versions": [{"status": "affected", "version": "All versions between 2.0-alpha1 and 2.8.1"}]}], "datePublic": "2017-04-02T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code."}], "problemTypes": [{"descriptions": [{"description": "Remote Code Execution.", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-02-07T14:40:00.000Z", "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "shortName": "apache"}, "references": [{"name": "RHSA-2017:2888", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2888"}, {"name": "RHSA-2017:2809", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2809"}, {"name": "97702", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/97702"}, {"name": "1041294", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1041294"}, {"name": "RHSA-2017:2810", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2810"}, {"name": "RHSA-2017:1801", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1801"}, {"name": "RHSA-2017:2889", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2889"}, {"name": "RHSA-2017:2635", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2635"}, {"name": "RHSA-2017:2638", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2638"}, {"name": "RHSA-2017:1417", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1417"}, {"name": "RHSA-2017:2423", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2423"}, {"name": "RHSA-2017:2808", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2808"}, {"name": "1040200", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1040200"}, {"name": "RHSA-2017:2636", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2636"}, {"name": "RHSA-2017:3399", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3399"}, {"name": "RHSA-2017:2637", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2637"}, {"name": "RHSA-2017:3244", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3244"}, {"name": "RHSA-2017:3400", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:3400"}, {"name": "RHSA-2017:2633", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2633"}, {"name": "RHSA-2017:2811", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2811"}, {"name": "RHSA-2017:1802", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:1802"}, {"name": "RHSA-2019:1545", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1545"}, {"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"}, {"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E"}, {"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"}, {"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"}, {"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E"}, {"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E"}, {"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E"}, {"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E"}, {"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E"}, {"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E"}, {"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20181107-0002/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.apache.org/jira/browse/LOG4J2-1863"}, {"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"}, {"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E"}, {"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E"}, {"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@apache.org", "ID": "CVE-2017-5645", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Apache Log4j", "version": {"version_data": [{"version_value": "All versions between 2.0-alpha1 and 2.8.1"}]}}]}, "vendor_name": "Apache Software Foundation"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Remote Code Execution."}]}]}, "references": {"reference_data": [{"name": "RHSA-2017:2888", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2888"}, {"name": "RHSA-2017:2809", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2809"}, {"name": "97702", "refsource": "BID", "url": "http://www.securityfocus.com/bid/97702"}, {"name": "1041294", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1041294"}, {"name": "RHSA-2017:2810", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2810"}, {"name": "RHSA-2017:1801", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1801"}, {"name": "RHSA-2017:2889", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2889"}, {"name": "RHSA-2017:2635", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2635"}, {"name": "RHSA-2017:2638", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2638"}, {"name": "RHSA-2017:1417", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1417"}, {"name": "RHSA-2017:2423", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2423"}, {"name": "RHSA-2017:2808", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2808"}, {"name": "1040200", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1040200"}, {"name": "RHSA-2017:2636", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2636"}, {"name": "RHSA-2017:3399", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3399"}, {"name": "RHSA-2017:2637", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2637"}, {"name": "RHSA-2017:3244", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3244"}, {"name": "RHSA-2017:3400", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:3400"}, {"name": "RHSA-2017:2633", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2633"}, {"name": "RHSA-2017:2811", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2811"}, {"name": "RHSA-2017:1802", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:1802"}, {"name": "RHSA-2019:1545", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1545"}, {"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe@%3Ccommits.druid.apache.org%3E"}, {"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc@%3Cdev.logging.apache.org%3E"}, {"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125@%3Cdev.logging.apache.org%3E"}, {"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"}, {"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917@%3Cannounce.apache.org%3E"}, {"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9@%3Cdev.logging.apache.org%3E"}, {"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac@%3Cissues.activemq.apache.org%3E"}, {"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6@%3Cdev.tika.apache.org%3E"}, {"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c@%3Cissues.activemq.apache.org%3E"}, {"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2@%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad@%3Cdev.tika.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf@%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c@%3Cissues.activemq.apache.org%3E"}, {"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d@%3Ccommits.logging.apache.org%3E"}, {"name": "https://www.oracle.com/security-alerts/cpuapr2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}, {"name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html", "refsource": "CONFIRM", "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", "refsource": "MISC", "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"name": "https://www.oracle.com/security-alerts/cpujan2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"name": "https://security.netapp.com/advisory/ntap-20181107-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20181107-0002/"}, {"name": "https://security.netapp.com/advisory/ntap-20180726-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"}, {"name": "https://issues.apache.org/jira/browse/LOG4J2-1863", "refsource": "CONFIRM", "url": "https://issues.apache.org/jira/browse/LOG4J2-1863"}, {"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0@%3Cissues.bookkeeper.apache.org%3E"}, {"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397@%3Cissues.activemq.apache.org%3E"}, {"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"}, {"name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422@%3Ccommits.doris.apache.org%3E"}, {"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287@%3Cissues.beam.apache.org%3E"}, {"name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8@%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83@%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd@%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f@%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44@%3Cgithub.beam.apache.org%3E"}, {"name": "https://www.oracle.com/security-alerts/cpuoct2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"name": "https://www.oracle.com/security-alerts/cpujan2022.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T15:11:47.391Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2017:2888", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2888"}, {"name": "RHSA-2017:2809", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2809"}, {"name": "97702", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/97702"}, {"name": "1041294", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1041294"}, {"name": "RHSA-2017:2810", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2810"}, {"name": "RHSA-2017:1801", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1801"}, {"name": "RHSA-2017:2889", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2889"}, {"name": "RHSA-2017:2635", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2635"}, {"name": "RHSA-2017:2638", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2638"}, {"name": "RHSA-2017:1417", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1417"}, {"name": "RHSA-2017:2423", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2423"}, {"name": "RHSA-2017:2808", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2808"}, {"name": "1040200", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1040200"}, {"name": "RHSA-2017:2636", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2636"}, {"name": "RHSA-2017:3399", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:3399"}, {"name": "RHSA-2017:2637", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2637"}, {"name": "RHSA-2017:3244", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:3244"}, {"name": "RHSA-2017:3400", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:3400"}, {"name": "RHSA-2017:2633", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2633"}, {"name": "RHSA-2017:2811", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2811"}, {"name": "RHSA-2017:1802", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:1802"}, {"name": "RHSA-2019:1545", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1545"}, {"name": "[druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"}, {"name": "[logging-dev] 20191215 Re: Is there any chance that there will be a security fix for log4j-v1.2.17?", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E"}, {"name": "[logging-dev] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"}, {"name": "[oss-security] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"}, {"name": "[announce] 20191218 [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E"}, {"name": "[logging-dev] 20191219 Re: [CVE-2019-17571] Apache Log4j 1.2 deserialization of untrusted data in SocketServer", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E"}, {"name": "[activemq-issues] 20191226 [jira] [Created] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E"}, {"name": "[tika-dev] 20191226 [jira] [Created] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20191226 [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20191230 [jira] [Created] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E"}, {"name": "[activemq-issues] 20191230 [jira] [Created] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E"}, {"name": "[tika-dev] 20200106 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200107 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200108 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200110 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 Re: [jira] [Commented] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 [jira] [Closed] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200111 [jira] [Resolved] (TIKA-3018) log4j 1.2 version used by Apache Tika 1.23 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200114 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E"}, {"name": "[tika-dev] 20200115 [jira] [Commented] (TIKA-3019) [9.8] [CVE-2019-17571] [tika-app] [1.23]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Updated] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Assigned] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200122 [jira] [Resolved] (AMQ-7372) [9.8] [CVE-2019-17571] [activemq-all] [5.15.10]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200127 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200208 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Resolved] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E"}, {"name": "[activemq-issues] 20200228 [jira] [Updated] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E"}, {"name": "[logging-commits] 20200425 svn commit: r1059809 - /websites/production/logging/content/log4j/2.13.2/security.html", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20181107-0002/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.apache.org/jira/browse/LOG4J2-1863"}, {"name": "[bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"}, {"name": "[activemq-issues] 20200730 [jira] [Commented] (AMQ-7370) log4j 1.2 version used by AMQ 5.15.10 / 5.15.11 is vulnerable to CVE-2019-17571", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E"}, {"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5594: [FE][Bug]Update log4j-web to fix a security issue", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E"}, {"name": "[beam-issues] 20210528 [jira] [Created] (BEAM-12422) Vendored gRPC 1.36.0 is using a log4j version with security issues", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] lukecwik opened a new pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] codecov[bot] edited a comment on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E"}, {"name": "[beam-github] 20210701 [GitHub] [beam] suztomo commented on pull request #15113: [BEAM-12422] Upgrade log4j version not affected by CVE-2017-5645", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}]}]}, "cveMetadata": {"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09", "assignerShortName": "apache", "cveId": "CVE-2017-5645", "datePublished": "2017-04-17T21:00:00.000Z", "dateReserved": "2017-01-29T00:00:00.000Z", "dateUpdated": "2024-08-05T15:11:47.391Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*", "matchCriteriaId": "A364B542-9D74-48AD-9616-8F16107B3F9C", "versionEndExcluding": "2.8.2", "versionStartIncluding": "2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:oncommand_api_services:-:*:*:*:*:*:*:*", "matchCriteriaId": "5EC98B22-FFAA-4B59-8E63-EBAA4336AD13", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1BE6C1F-2565-4E97-92AA-16563E5660A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", "matchCriteriaId": "5735E553-9731-4AAC-BCFF-989377F817B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:service_level_manager:-:*:*:*:*:*:*:*", "matchCriteriaId": "7081652A-D28B-494E-94EF-CA88117F23EE", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*", "matchCriteriaId": "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*", "matchCriteriaId": "7B7A6697-98CC-4E36-93DB-B7160F8399F9", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:fuse:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "077732DB-F5F3-4E9C-9AC0-8142AB85B32F", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "5F6FA12B-504C-4DBF-A32E-0548557AA2ED", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "D5F7E11E-FB34-4467-8919-2B6BEAABF665", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "825ECE2D-E232-46E0-A047-074B34DB1E97", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "A5553591-073B-45E3-999F-21B8BA2EEE22", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:application_testing_suite:13.3.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "A125E817-F974-4509-872C-B71933F42AD1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6FAA9FFE-8F55-4E81-B62F-A5500468AD30", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:autovue_vuelink_integration:21.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "C41B952C-B6FD-4244-BEEE-A1EB73503594", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "8972497F-6E24-45A9-9A18-EB0E842CB1D4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "400509A8-D6F2-432C-A2F1-AD5B8778D0D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "132CE62A-FBFC-4001-81EC-35D81F73AF48", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:bi_publisher:11.1.1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "3D8D08B8-CE61-45A3-BAC2-6D0E7D567B68", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:bi_publisher:11.1.1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "C83DA9A0-2EBC-4298-8412-1A7C4DC88C2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:bi_publisher:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "9DC56004-4497-4CDD-AE76-5E3DFAE170F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:bi_publisher:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "274A0CF5-41E8-42E0-9931-F7372A65B9C4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_converged_application_server_-_service_controller:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "66DCCCD9-2170-4675-A447-FB679BC28A74", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_instant_messaging_server:10.0.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "FD945A04-174C-46A2-935D-4F92631D1018", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_interactive_session_recorder:*:*:*:*:*:*:*:*", "matchCriteriaId": "9D5F8F04-7DFB-4B44-90CF-F1372DB8313C", "versionEndIncluding": "6.2", "versionStartIncluding": "6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_messaging_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "A53B6FD8-8367-4915-B4D0-23572F31C539", "versionEndExcluding": "8.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_network_integrity:*:*:*:*:*:*:*:*", "matchCriteriaId": "ABD748C9-24F6-4739-9772-208B98616EE2", "versionEndIncluding": "7.3.6", "versionStartIncluding": "7.3.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_online_mediation_controller:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "15817206-C2AD-47B7-B40F-85BB36DB4E78", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "F6C9F582-6C82-4994-9724-22E9575E48B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_pricing_design_center:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "49BB6E9C-B630-4BDC-AEC1-7F031F612D6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_service_broker:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "373C4024-679F-4C37-B408-0FB0D7FD845F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:communications_webrtc_session_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "77120A3C-9A48-45FC-A620-5072AF325ACF", "versionEndExcluding": "7.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "8A76F09D-AF43-426B-A04F-79E1CAC51D03", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:configuration_manager:12.1.2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "F5B5E83F-D4FD-4ABB-9B8E-97C0E7571AA5", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:endeca_information_discovery_studio:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "9D03A8C9-35A5-4B75-9711-7A4A60457307", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_data_quality:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "36CF85A9-2C29-46E7-961E-8ADD0B5822CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "36E39918-B2D6-43F0-A607-8FD8BFF6F340", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "1FEB8446-7EAC-4A8D-B6EE-3AAC2294C324", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:12.1.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "14480702-4398-4C28-82A6-E7329FB3B650", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_fusion_middleware:13.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "6F4E0F9A-D925-43FB-A1B7-452EEAE6BE2D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_mysql_database:*:*:*:*:*:*:*:*", "matchCriteriaId": "C2239009-34CE-4E54-992B-835649C9D96F", "versionEndIncluding": "13.2.2.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:12.1.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "41650E24-8BFD-42F0-A3E2-545118602690", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_oracle_database:13.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "C5AFC807-4873-42B3-AEDE-8633A9BDDEF2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.1.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2E3D0D69-6AFF-49DD-9BB4-5C0C6905D14E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_manager_for_peoplesoft:13.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "532955A8-7292-4662-9324-C961587C8657", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E3469D7-69E4-4242-B45A-C0CD9E691C4A", "versionEndIncluding": "7.3.3.0.2", "versionStartIncluding": "7.3.3.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D94C05C-7403-47D3-98D8-2DA8373FEE6F", "versionEndIncluding": "8.0.7.0.0", "versionStartIncluding": "8.0.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "46E31100-478A-480C-9518-A6D8FBB94B8B", "versionEndIncluding": "8.0.4.0.0", "versionStartIncluding": "8.0.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_behavior_detection_platform:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "48D8CC72-A67A-4CB0-948D-53488ACC7826", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "8DECBF5C-6C87-424F-A116-DD534EC5946C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_hedge_management_and_ifrs_valuations:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "3469C84E-50F3-4461-864C-E59174DDC981", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:*:*:*:*:*:*:*:*", "matchCriteriaId": "2959030B-A9B7-4423-A2E8-9352FC83C4A2", "versionEndIncluding": "14.8.0", "versionStartIncluding": "14.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_lending_and_leasing:12.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "317CA916-61F3-4E24-B42F-610A1C88A5BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "4E7791EF-A99D-4D52-AFC7-157372E88E21", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_loan_loss_forecasting_and_provisioning:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "265B796B-2DDA-43A6-A3A9-1A79676F25C2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:*:*:*:*:*:*:*:*", "matchCriteriaId": "D4279644-04B8-4E58-A38D-CD1E4FB1C39C", "versionEndIncluding": "8.0.7.0.0", "versionStartIncluding": "8.0.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_profitability_management:6.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "43422E17-1D41-497E-A60B-31B1B4D6D563", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:financial_services_regulatory_reporting_with_agilereporter:8.0.9.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C9C146BA-6F4F-4A6F-8E53-8A4F5B8E15D9", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "B0A34DF8-72CC-4A8E-84F2-C2DF4A0B9FAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "21BE77B2-6368-470E-B9E6-21664D9A818A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "3250073F-325A-4AFC-892F-F2005E3854A5", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:12.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "0DDDC9C2-33D6-4123-9ABC-C9B809A6E88E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:flexcube_investor_servicing:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "991A279B-9D7C-4E39-8827-BC21C2C03B83", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "D151B58F-5583-4F19-B225-80075B45441B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:fusion_middleware_mapviewer:12.2.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "C7D665C9-408A-4039-A2D4-9EE565BC4656", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:goldengate:12.3.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "65B765DA-560B-4367-B9B0-B7369BC4D3DC", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:goldengate_application_adapters:12.3.2.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "CECECC34-8112-4328-BA49-39F30BE7874A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:identity_analytics:11.1.1.5.8:*:*:*:*:*:*:*", "matchCriteriaId": "B4855252-D6CA-461D-B196-30AFA7482868", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:identity_management_suite:11.1.2.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "7A79A489-F37C-420A-83B1-4482A8DFF9BB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:identity_management_suite:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1489DDA7-EDBE-404C-B48D-F0B52B741708", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:identity_manager_connector:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E8BD581B-1CC0-4236-836A-204BBCBBBF77", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.1:*:*:*:*:*:*:*", "matchCriteriaId": "16BBC649-7AA8-4B8E-9A3F-CC62948F0102", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:in-memory_performance-driven_planning:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "289702F6-1CC4-4D88-9745-EB0FA68A732B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:instantis_enterprisetrack:*:*:*:*:*:*:*:*", "matchCriteriaId": "9A74FD5F-4FEA-4A74-8B92-72DFDE6BA464", "versionEndIncluding": "17.3", "versionStartIncluding": "17.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "CEE4B2F0-1AAB-4A1F-AE86-A568D43891B3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_calculation_engine:10.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "C79B50C2-27C2-4A9C-ACEE-B70015283F58", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "9ED4F724-C92F-4B4F-B631-81A4EA706DB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "900450EB-A71D-4A8E-B8C4-AFD36F9A36B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "68017B52-6597-4E32-A38F-634B5635568C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_policy_administration:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "A19D11A6-BA1D-4121-8686-C177C450777F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "DB6321F8-7A0A-4DB8-9889-3527023C652A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.1:*:*:*:*:*:*:*", "matchCriteriaId": "25F8E604-8180-4728-AD2D-7FF034E3E65A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:10.2:*:*:*:*:*:*:*", "matchCriteriaId": "02867DC7-E669-43C0-ACC4-E1CAA8B9994C", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "FBAFA631-C92B-4FF7-8E65-07C67789EBCD", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:insurance_rules_palette:11.1:*:*:*:*:*:*:*", "matchCriteriaId": "9652104A-119D-4327-A937-8BED23C23861", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:4.0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "A055CAA6-F789-4E63-A212-84DBAC4BF044", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:11.1.1.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "A7506589-9B3B-49BA-B826-774BFDCC45B8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "042C243F-EDFE-4A04-AB0B-26E73CC34837", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "228DA523-4D6D-48C5-BDB0-DB1A60F23F8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "matchCriteriaId": "48D04F3B-A385-4D8C-BD05-53006452346A", "versionEndIncluding": "3.4.7.4297", "versionStartIncluding": "3.4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "matchCriteriaId": "4424C7C9-508B-4824-91A7-AFA1D8C8C698", "versionEndIncluding": "4.0.4.5235", "versionStartIncluding": "4.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "matchCriteriaId": "BFFFF50D-D301-4752-B720-4340C69E2A98", "versionEndIncluding": "8.0.0.8131", "versionStartIncluding": "8.0.0.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:peoplesoft_enterprise_fin_install:9.2:*:*:*:*:*:*:*", "matchCriteriaId": "B21E71BD-DD38-4634-BF9F-092D55000DE6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "9D8B3B57-73D6-4402-987F-8AE723D52F94", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "62BF043E-BCB9-433D-BA09-7357853EE127", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "3F26FB80-F541-4B59-AC3C-633F49388B59", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "07EB8080-B6DE-47F4-B978-F56AEF7294BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "0AE52320-14DB-4BD5-A1E5-6BBE4829923A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "2C0B5E4B-BA35-4949-B7EC-70C5F5E44FD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "165E98B6-9ADA-46A7-92C0-E3624D6D89C5", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "092C9E61-8A0A-4348-A423-A9312D7D330F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "01949739-F799-47FE-9118-617F84903F70", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "34FAA06A-F092-452A-B35C-BC133834DA59", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "B8A9A0D5-95B9-47BB-8303-03D40DE46678", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "F071925B-7B0A-4250-9A25-1221711453FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "93CF9B92-309E-4356-B8C1-CB161A712479", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation:12.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "2CBCA717-6B8B-4CAF-8E9C-57335925CE2F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_connector_for_siebel:10.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "0DB5E2C7-9C68-4D3B-95AD-9CBF65DE1E94", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:10.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "8FFEC4A8-E000-4921-8563-5BC3B0DC6C5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "DDB7DE72-2E0D-427D-AF1E-2BC068D0756B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "4C64A19B-BC3D-4C84-AE38-75EEAE3B5BEA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5825956B-B0DD-4083-8E50-B8148F9F438E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "691A45D3-A594-4E95-9894-87B9FD6BE833", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "2F36C640-592C-4081-8B97-2432BF7DD1F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C477753B-2716-4266-815B-5BABDDFE1FDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "9F94F4C7-8E3E-4D0E-A5E7-E8D4E2D21D6D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.5:*:*:*:*:*:*:*", "matchCriteriaId": "CBCF09A6-8A57-40F4-9EB3-48F4806B4803", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.6:*:*:*:*:*:*:*", "matchCriteriaId": "CBBE93A9-5628-4176-866E-88DE10B9778D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.7:*:*:*:*:*:*:*", "matchCriteriaId": "FDB71361-D75B-4937-A48E-C2C0064E09FB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.8:*:*:*:*:*:*:*", "matchCriteriaId": "FEB68145-0577-472D-B310-A7BF065ADA9E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.9:*:*:*:*:*:*:*", "matchCriteriaId": "56961578-6FCB-489C-8431-22F9D263DFFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:policy_automation_for_mobile_devices:12.2.10:*:*:*:*:*:*:*", "matchCriteriaId": "93EA52BF-E710-4309-9272-8F81D5751ABA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "06CF27F6-ADC1-480C-9D2E-2BD1E7330C32", "versionEndIncluding": "16.2.11", "versionStartIncluding": "16.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:primavera_gateway:*:*:*:*:*:*:*:*", "matchCriteriaId": "E4AA3854-C9FD-4287-85A0-EE7907D1E1ED", "versionEndIncluding": "17.12.7", "versionStartIncluding": "17.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:rapid_planning:12.1:*:*:*:*:*:*:*", "matchCriteriaId": "19A0F1AF-F2E6-44E7-8E2D-190E103B72D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:rapid_planning:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "6D53690D-3390-4A27-988A-709CD89DD05B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "A25285DC-9E51-44F8-818A-86A79B3565DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_advanced_inventory_planning:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "517E0654-F1DE-43C4-90B5-FB90CA31734B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_clearance_optimization_engine:14.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "FE91D517-D85D-4A8D-90DC-4561BBF8670E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.0:*:*:*:*:*:*:*", "matchCriteriaId": "202DE5CB-B3D4-4289-9AA2-24E9CE266EE3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.1:*:*:*:*:*:*:*", "matchCriteriaId": "2F7D07CB-15D2-424D-8E25-7AC59ACFFD05", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_extract_transform_and_load:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "AE02A69E-F820-4261-8D7E-9B1021E5A9AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_extract_transform_and_load:19.0:*:*:*:*:*:*:*", "matchCriteriaId": "4E306B67-E1BD-4A67-A77D-A7DC72D5B957", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "CB5F56EC-8415-4BA1-9D8A-C77F4BB1AF62", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:14.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "965BCB93-2DED-41FD-972E-FF5958691A35", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "42064F46-3012-4FB1-89BA-F13C2E4CBB6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_integration_bus:16.0:*:*:*:*:*:*:*", "matchCriteriaId": "F73E2EFA-0F43-4D92-8C7D-9E66811B76D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_open_commerce_platform:5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "07630491-0624-4C5C-A858-C5D3CDCD1B68", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "EC9CA11F-F718-43E5-ADB9-6C348C75E37A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_open_commerce_platform:6.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "9FBAAD32-1E9D-47F1-9F47-76FEA47EF54F", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_predictive_application_server:15.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "24A3C819-5151-4543-A5C6-998C9387C8A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_service_backbone:14.1:*:*:*:*:*:*:*", "matchCriteriaId": "378A6656-252B-4929-83EA-BC107FDFD357", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_service_backbone:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "363395FA-C296-4B2B-9D6F-BCB8DBE6FACE", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:retail_service_backbone:16.0:*:*:*:*:*:*:*", "matchCriteriaId": "F62A2144-5EF8-4319-B8C2-D7975F51E5FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:18.7:*:*:*:*:*:*:*", "matchCriteriaId": "EBAE649F-0389-4875-A995-E73E287AB342", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:18.8:*:*:*:*:*:*:*", "matchCriteriaId": "9D5EC241-7D11-47F4-8B41-D362651A5E8B", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:siebel_ui_framework:18.9:*:*:*:*:*:*:*", "matchCriteriaId": "8FCB6791-EBFA-4620-ABD4-D55CDCF3EA9D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:soa_suite:12.1.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF4C318C-5D1E-479B-9597-9FAD9E186111", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:soa_suite:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "65994DC4-C9C0-48B0-88AB-E2958B4EB9E3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:soa_suite:12.2.2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "4580A7AB-54A9-4784-9087-A3F107258593", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:tape_library_acsls:8.4:*:*:*:*:*:*:*", "matchCriteriaId": "70D4467D-6968-4557-AF61-AFD42B2B48D3", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:timesten_in-memory_database:11.2.2.8.49:*:*:*:*:*:*:*", "matchCriteriaId": "F9EB3DE5-142C-43A5-9735-CB73C54D42E4", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:utilities_advanced_spatial_and_operational_analytics:2.7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "6FD0EC40-B96B-4E9C-9A81-4E65C4B9512E", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:utilities_work_and_asset_management:1.9.1.2.12:*:*:*:*:*:*:*", "matchCriteriaId": "BB1011D4-E5EE-4722-B644-D522EFC6337A", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:10.3.6.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "B40B13B7-68B3-4510-968C-6A730EB46462", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.1.3.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "C93CC705-1F8C-4870-99E6-14BF264C3811", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "F14A818F-AA16-4438-A3E4-E64C9287AC66", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:12.2.1.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "4A5BB153-68E0-4DDA-87D1-0D9AB7F0A418", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:weblogic_server:14.1.1.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "04BCDC24-4A21-473C-8733-0D9CFB38A752", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code."}, {"lang": "es", "value": "En Apache Log4j 2.x en versiones anteriores a 2.8.2, cuando se utiliza el servidor de socket TCP o el servidor de socket UDP para recibir sucesos de registro serializados de otra aplicaci\u00f3n, puede enviarse una carga binaria especialmente dise\u00f1ada que, cuando se deserializa, puede ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2017-5645", "lastModified": "2025-04-20T01:37:25.860", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-04-17T21:59:00.373", "references": [{"source": "security@apache.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"}, {"source": "security@apache.org", "tags": ["Patch"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"source": "security@apache.org", "tags": ["Patch"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"source": "security@apache.org", "tags": ["Patch"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97702"}, {"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040200"}, {"source": "security@apache.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041294"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1417"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1801"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1802"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2423"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2633"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2635"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2636"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2637"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2638"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2808"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2809"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2810"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2811"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2888"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2889"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:3244"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:3399"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:3400"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1545"}, {"source": "security@apache.org", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://issues.apache.org/jira/browse/LOG4J2-1863"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"}, {"source": "security@apache.org", "url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20181107-0002/"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"source": "security@apache.org", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"source": "security@apache.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/12/19/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/97702"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1040200"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1041294"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1417"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1801"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:1802"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2423"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2633"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2635"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2636"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2637"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2638"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2808"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2809"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2810"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2811"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2888"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2889"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:3244"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:3399"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:3400"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1545"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://issues.apache.org/jira/browse/LOG4J2-1863"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/0dcca05274d20ef2d72584edcf8c917bbb13dbbd7eb35cae909d02e9%40%3Cdev.logging.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/277b4b5c2b0e06a825ccec565fa65bd671f35a4d58e3e2ec5d0618e1%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/44491fb9cc19acc901f7cff34acb7376619f15638439416e3e14761c%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/479471e6debd608c837b9815b76eab24676657d4444fcfd5ef96d6e6%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/6114ce566200d76e3cc45c521a62c2c5a4eac15738248f58a99f622c%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/84cc4266238e057b95eb95dfd8b29d46a2592e7672c12c92f68b2917%40%3Cannounce.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/8ab32b4c9f1826f20add7c40be08909de9f58a89dc1de9c09953f5ac%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/9317fd092b257a0815434b116a8af8daea6e920b6673f4fd5583d5fe%40%3Ccommits.druid.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/e8fb7d76a244ee997ba4b217d6171227f7c2521af8c7c5b16cba27bc%40%3Cdev.logging.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r0831e2e52a390758ce39a6193f82c11c295175adce6e6307de28c287%40%3Cissues.beam.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r18f1c010b554a3a2d761e8ffffd8674fd4747bcbcf16c643d708318c%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r23369fd603eb6d62d3b883a0a28d12052dcbd1d6d531137124cd7f83%40%3Cgithub.beam.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r2ce8d26154bea939536e6cf27ed02d3192bf5c5d04df885a80fe89b3%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r2ff63f210842a3c5e42f03a35d8f3a345134d073c80a04077341c211%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3784834e80df2f284577a5596340fb84346c91a2dea6a073e65e3397%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3a85514a518f3080ab1fc2652cfe122c2ccf67cfb32356acb1b08fe8%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r3d666e4e8905157f3c046d31398b04f2bfd4519e31f266de108c6919%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r4b25538be50126194cc646836c718b1a4d8f71bd9c912af5b59134ad%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r61590890edcc64140e0c606954b29a063c3d08a2b41d447256d51a78%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r681b4432d0605f327b68b9f8a42662993e699d04614de4851c35ffd1%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r746fbc3fc13aee292ae6851f7a5080f592fa3a67b983c6887cdb1fc5%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r7bcdc710857725c311b856c0b82cee6207178af5dcde1bd43d289826%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r94b5aae09c4bcff5d06cf641be17b00bd83ba7e10cad737bf16a1b8f%40%3Cgithub.beam.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/r9d5c1b558a15d374bd5abd2d3ae3ca7e50e796a0efdcf91e9c5b4cdd%40%3Cgithub.beam.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/ra38785cfc0e7f17f8e24bebf775dd032c033fadcaea29e5bc9fffc60%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/ra9a682bc0a8dff1c5cefdef31c7c25f096d9121207cf2d74e2fc563d%40%3Ccommits.logging.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/raedd12dc24412b3780432bf202a2618a21a727788543e5337a458ead%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rb1b29aee737e1c37fe1d48528cb0febac4f5deed51f5412e6fdfe2bf%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rbfa7a0742be4981a3f9356a23d0e1a5f2e1eabde32a1a3d8e41420f8%40%3Cgithub.beam.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rc1eaed7f7d774d5d02f66e49baced31e04827a1293d61a70bd003ca7%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rca24a281000fb681d7e26e5c031a21eb4b0593a7735f781b53dae4e2%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rcbb79023a7c8494cb389cd3d95420fa9e0d531ece0b780b8c1f99422%40%3Ccommits.doris.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rd5dbeee4808c0f2b9b51479b50de3cc6adb1072c332a200d9107f13e%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rdbd579dc223f06af826d7de340218ee2f80d8b43fa7e4decb2a63f44%40%3Cgithub.beam.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rdec0d8ac1f03e6905b0de2df1d5fcdb98b94556e4f6cccf7519fdb26%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/re8c21ed9dd218c217d242ffa90778428e446b082b5e1c29f567e8374%40%3Cissues.activemq.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.apache.org/thread.html/rf2567488cfc9212b42e34c6393cfa1c14e30e4838b98dda84d71041f%40%3Cdev.tika.apache.org%3E"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20180726-0002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20181107-0002/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujul2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"}], "sourceIdentifier": "security@apache.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2017:2423", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "log4j-0:1.2.17-16.el7_4", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-08-07T00:00:00Z"}, {"advisory": "RHSA-2019:1545", "cpe": "cpe:/a:redhat:jboss_fuse:7", "product_name": "Red Hat Fuse 7.3.1", "release_date": "2019-06-18T00:00:00Z"}, {"advisory": "RHSA-2021:3140", "cpe": "cpe:/a:redhat:jboss_fuse:7", "impact": "low", "package": "hawtio-osgi", "product_name": "Red Hat Fuse 7.9", "release_date": "2021-08-11T00:00:00Z"}, {"advisory": "RHSA-2017:2889", "cpe": "cpe:/a:redhat:jboss_bpms:6.4", "package": "log4j", "product_name": "Red Hat JBoss BPMS 6.4", "release_date": "2017-10-12T00:00:00Z"}, {"advisory": "RHSA-2017:2888", "cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:6.4", "package": "log4j", "product_name": "Red Hat JBoss BRMS 6.4", "release_date": "2017-10-12T00:00:00Z"}, {"advisory": "RHSA-2017:3244", "cpe": "cpe:/a:redhat:jboss_data_grid:7.1", "product_name": "Red Hat JBoss Data Grid 7.1", "release_date": "2017-11-16T00:00:00Z"}, {"advisory": "RHSA-2017:2810", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7", "product_name": "Red Hat JBoss EAP 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:3400", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5", "product_name": "Red Hat JBoss Enterprise Application Platform 5.2 security update", "release_date": "2017-12-07T00:00:00Z"}, {"advisory": "RHSA-2017:3399", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5::el5", "package": "log4j-0:1.2.14-19.patch_01.ep5.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 5", "release_date": "2017-12-07T00:00:00Z"}, {"advisory": "RHSA-2017:3399", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:5::el6", "package": "log4j-0:1.2.14-19.patch_01.ep5.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 5 for RHEL 6", "release_date": "2017-12-07T00:00:00Z"}, {"advisory": "RHSA-2017:2633", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6.4", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2637", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el5", "package": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el5", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2635", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2638", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el6", "package": "jboss-ec2-eap-0:7.5.17-1.Final_redhat_4.ep6.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 6", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "apache-cxf-0:2.7.18-7.SP6_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "codehaus-jackson-0:1.9.9-11.redhat_5.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hibernate4-eap6-0:4.2.27-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "hornetq-0:2.3.25-22.SP20_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "infinispan-0:5.2.22-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-appclient-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-bundles-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cli-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-client-all-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-clustering-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-cmp-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-connector-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-controller-client-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-core-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-core-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-repository-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-deployment-scanner-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-domain-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-http-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-domain-management-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ee-deployment-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-ejb3-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-embedded-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-host-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jacorb-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-javadocs-0:7.5.17-4.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxr-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jaxrs-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jdr-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jpa-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsf-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-jsr77-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-logging-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-mail-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-management-client-content-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-messaging-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-modcluster-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-modules-eap-0:7.5.17-1.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-naming-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-network-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-configadmin-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-osgi-service-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-picketlink-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-platform-mbean-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-pojo-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-process-controller-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-product-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-protocol-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-remoting-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-sar-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-security-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-server-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-standalone-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-system-jmx-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-threads-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-transactions-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-version-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-web-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-webservices-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossas-welcome-content-eap-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-weld-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-as-xts-0:7.5.17-2.Final_redhat_4.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-marshalling-0:1.4.10-3.SP3_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-metadata-0:7.2.3-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-modules-0:1.3.10-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-remoting3-0:3.3.10-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jboss-vfs2-0:3.2.12-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "jbossweb-0:7.5.24-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "log4j-jboss-logmanager-0:1.1.4-1.Final_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "picketlink-bindings-0:2.5.4-17.SP15_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2636", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:6::el7", "package": "picketlink-federation-0:2.5.4-17.SP15_redhat_1.1.ep6.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7", "release_date": "2017-09-05T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2809", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2811", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el6", "package": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el6", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-artemis-native-0:1.1.0-13.redhat_4.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-bouncycastle-0:1.56.0-3.redhat_2.2.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-hibernate-validator-0:5.2.5-2.Final_redhat_2.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jasypt-0:1.9.2-2.redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-jms-api_2.0_spec-0:1.0.1-2.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-logmanager-0:2.0.7-2.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-metadata-0:10.0.2-2.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-remote-naming-0:2.0.5-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-remoting-0:4.0.24-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-log4j-jboss-logmanager-0:1.1.4-2.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-picketlink-bindings-0:2.5.5-9.SP8_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-picketlink-federation-0:2.5.5-9.SP8_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-undertow-0:1.3.31-1.Final_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-wildfly-0:7.0.8-4.GA_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2808", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-wildfly-javadocs-0:7.0.8-1.GA_redhat_1.1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2811", "cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7::el7", "package": "eap7-jboss-ec2-eap-0:7.0.8-1.GA_redhat_1.ep7.el7", "product_name": "Red Hat JBoss Enterprise Application Platform 7.0 for RHEL 7", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:1802", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1", "package": "log4j", "product_name": "Red Hat JBoss Web Server 3.1", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1801", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1801", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat7-0:7.0.70-22.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1801", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat8-0:8.0.36-24.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1801", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el6", "package": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el6", "product_name": "Red Hat JBoss Web Server 3 for RHEL 6", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1801", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "log4j-eap6-0:1.2.16-12.redhat_3.1.ep6.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1801", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat7-0:7.0.70-22.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1801", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat8-0:8.0.36-24.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1801", "cpe": "cpe:/a:redhat:jboss_enterprise_web_server:3.1::el7", "package": "tomcat-native-0:1.2.8-10.redhat_10.ep7.el7", "product_name": "Red Hat JBoss Web Server 3 for RHEL 7", "release_date": "2017-07-25T00:00:00Z"}, {"advisory": "RHSA-2017:1417", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-java-common-log4j-0:1.2.17-15.15.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6", "release_date": "2017-06-08T00:00:00Z"}, {"advisory": "RHSA-2017:1417", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el6", "package": "rh-java-common-log4j-0:1.2.17-15.15.el6", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS", "release_date": "2017-06-08T00:00:00Z"}, {"advisory": "RHSA-2017:1417", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-java-common-log4j-0:1.2.17-15.15.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7", "release_date": "2017-06-08T00:00:00Z"}, {"advisory": "RHSA-2017:1417", "cpe": "cpe:/a:redhat:rhel_software_collections:2::el7", "package": "rh-java-common-log4j-0:1.2.17-15.15.el7", "product_name": "Red Hat Software Collections for Red Hat Enterprise Linux 7.3 EUS", "release_date": "2017-06-08T00:00:00Z"}], "bugzilla": {"description": "log4j: Socket receiver deserialization vulnerability", "id": "1443635", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1443635"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.1", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-502", "details": ["In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.", "It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application."], "name": "CVE-2017-5645", "package_state": [{"cpe": "cpe:/a:redhat:amq_broker:7", "fix_state": "Affected", "impact": "low", "package_name": "hawtio-osgi", "product_name": "Red Hat AMQ Broker 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "log4j", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "log4j", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/a:redhat:openstack-optools:7", "fix_state": "Not affected", "package_name": "log4j", "product_name": "Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools"}, {"cpe": "cpe:/a:redhat:enterprise_linux:7::hypervisor", "fix_state": "Will not fix", "package_name": "jasperreports-server-pro", "product_name": "Red Hat Enterprise Virtualization 3"}, {"cpe": "cpe:/a:redhat:jboss_fuse:7", "fix_state": "Affected", "package_name": "log4j", "product_name": "Red Hat Fuse 7"}, {"cpe": "cpe:/a:redhat:jboss_amq:6", "fix_state": "Affected", "package_name": "log4j", "product_name": "Red Hat JBoss A-MQ 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:5", "fix_state": "Will not fix", "package_name": "log4j", "product_name": "Red Hat JBoss BRMS 5"}, {"cpe": "cpe:/a:redhat:jboss_data_grid:7", "fix_state": "Affected", "impact": "moderate", "package_name": "log4j-core", "product_name": "Red Hat JBoss Data Grid 7"}, {"cpe": "cpe:/a:redhat:jboss_data_virtualization:6", "fix_state": "Not affected", "package_name": "log4j", "product_name": "Red Hat JBoss Data Virtualization 6"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_web_server:2", "fix_state": "Will not fix", "package_name": "log4j", "product_name": "Red Hat JBoss Enterprise Web Server 2"}, {"cpe": "cpe:/a:redhat:jboss_fuse:6", "fix_state": "Affected", "package_name": "log4j", "product_name": "Red Hat JBoss Fuse 6"}, {"cpe": "cpe:/a:redhat:jboss_fuse_service_works:6", "fix_state": "Will not fix", "package_name": "log4j", "product_name": "Red Hat JBoss Fuse Service Works 6"}, {"cpe": "cpe:/a:redhat:jboss_operations_network:3", "fix_state": "Not affected", "package_name": "log4j", "product_name": "Red Hat JBoss Operations Network 3"}, {"cpe": "cpe:/a:redhat:jboss_enterprise_soa_platform:5", "fix_state": "Will not fix", "package_name": "log4j", "product_name": "Red Hat JBoss SOA Platform 5"}, {"cpe": "cpe:/a:redhat:mobile_application_platform:4", "fix_state": "Not affected", "package_name": "log4j", "product_name": "Red Hat Mobile Application Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:3", "fix_state": "Not affected", "package_name": "log4j", "product_name": "Red Hat OpenShift Enterprise 3"}, {"cpe": "cpe:/a:redhat:network_satellite:5", "fix_state": "Not affected", "package_name": "nutch", "product_name": "Red Hat Satellite 5"}, {"cpe": "cpe:/a:rhel_sam:1", "fix_state": "Not affected", "package_name": "log4j", "product_name": "Red Hat Subscription Asset Manager"}], "public_date": "2017-04-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-5645\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-5645"], "statement": "The flaw in Log4j-1.x is now identified by CVE-2019-17571. CVE-2017-5645 has been assigned by MITRE to a similar flaw identified in Log4j-2.x", "threat_severity": "Important"}

{}