Vulnerabilities > CVE-2018-12022 - Deserialization of Untrusted Data vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload.

Vulnerable Configurations

Part Description Count
Application
Fasterxml
115
Application
Oracle
2
Application
Redhat
6
OS
Debian
1
OS
Fedoraproject
1

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4452.NASL
    descriptionMultiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id125416
    published2019-05-28
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125416
    titleDebian DSA-4452-1 : jackson-databind - security update
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Debian Security Advisory DSA-4452. The text 
    # itself is copyright (C) Software in the Public Interest, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(125416);
      script_version("1.2");
      script_cvs_date("Date: 2020/01/15");
    
      script_cve_id("CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-12086");
      script_xref(name:"DSA", value:"4452");
    
      script_name(english:"Debian DSA-4452-1 : jackson-databind - security update");
      script_summary(english:"Checks dpkg output for the updated package");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Debian host is missing a security-related update."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Multiple security issues were found in jackson-databind, a Java
    library to parse JSON and other data formats which could result in
    information disclosure or the execution of arbitrary code."
      );
      # https://security-tracker.debian.org/tracker/source-package/jackson-databind
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?61134ddf"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://packages.debian.org/source/stretch/jackson-databind"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.debian.org/security/2019/dsa-4452"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "Upgrade the jackson-databind packages.
    
    For the stable distribution (stretch), these problems have been fixed
    in version 2.8.6-1+deb9u5."
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-19362");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:jackson-databind");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:9.0");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/01/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/05/24");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/05/28");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Debian Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("debian_package.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
    if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    
    flag = 0;
    if (deb_check(release:"9.0", prefix:"libjackson2-databind-java", reference:"2.8.6-1+deb9u5")) flag++;
    if (deb_check(release:"9.0", prefix:"libjackson2-databind-java-doc", reference:"2.8.6-1+deb9u5")) flag++;
    
    if (flag)
    {
      if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());
      else security_hole(0);
      exit(0);
    }
    else audit(AUDIT_HOST_NOT, "affected");
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1107.NASL
    descriptionAn update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.1 Release Notes for information on the most significant bug fixes and enhancements included in this release. Security Fix(es) : * jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307) * jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022) * jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023) * undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642) * jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720) * jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721) * wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805) * wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id124840
    published2019-05-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124840
    titleRHEL 6 : JBoss EAP (RHSA-2019:1107)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-DF57551F6D.NASL
    descriptionFixes CVE-2018-14718 CVE-2018-14719 CVE-2018-19360 CVE-2018-19361 CVE-2018-19362 CVE-2018-12022 CVE-2018-12023 CVE-2018-14720 CVE-2018-14721 and CVE-2016-7051. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122290
    published2019-02-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122290
    titleFedora 29 : bouncycastle / eclipse-jgit / eclipse-linuxtools / etc (2019-df57551f6d)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1108.NASL
    descriptionAn update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. This release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.1 Release Notes for information on the most significant bug fixes and enhancements included in this release. Security Fix(es) : * jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307) * jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022) * jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023) * undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642) * jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720) * jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721) * wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805) * wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id124841
    published2019-05-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124841
    titleRHEL 7 : JBoss EAP (RHSA-2019:1108)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DLA-1703.NASL
    descriptionSeveral deserialization flaws were discovered in jackson-databind, a fast and powerful JSON library for Java, which could allow an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization. For Debian 8
    last seen2020-06-01
    modified2020-06-02
    plugin id122603
    published2019-03-05
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122603
    titleDebian DLA-1703-1 : jackson-databind security update

Redhat

advisories
  • rhsa
    idRHBA-2019:0959
  • rhsa
    idRHSA-2019:0782
  • rhsa
    idRHSA-2019:0877
  • rhsa
    idRHSA-2019:1106
  • rhsa
    idRHSA-2019:1107
  • rhsa
    idRHSA-2019:1108
  • rhsa
    idRHSA-2019:1140
  • rhsa
    idRHSA-2019:1782
  • rhsa
    idRHSA-2019:1797
  • rhsa
    idRHSA-2019:1822
  • rhsa
    idRHSA-2019:1823
  • rhsa
    idRHSA-2019:2804
  • rhsa
    idRHSA-2019:2858
  • rhsa
    idRHSA-2019:3002
  • rhsa
    idRHSA-2019:3140
  • rhsa
    idRHSA-2019:3149
  • rhsa
    idRHSA-2019:3892
  • rhsa
    idRHSA-2019:4037
rpms
  • rh-maven35-jackson-databind-0:2.7.6-2.5.el7
  • rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7
  • eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap
  • eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap
  • eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap
  • eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap
  • eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap
  • eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap
  • eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap
  • eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap
  • eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap
  • eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap
  • eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap
  • eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap
  • eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap
  • eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap
  • eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap
  • eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap
  • eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap
  • eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap
  • eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap
  • eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap
  • eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap
  • eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap
  • eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap
  • eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap
  • eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap
  • eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap
  • eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap
  • eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap
  • eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap
  • eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap
  • eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap
  • eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap
  • eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap
  • eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap
  • eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap
  • eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap
  • eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap
  • eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap
  • eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap
  • eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap
  • eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap
  • eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap
  • eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap
  • eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap
  • eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap
  • eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap
  • eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap
  • eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap
  • eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap
  • eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap
  • eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap
  • eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap
  • eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap
  • eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap
  • eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap
  • eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap
  • eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap
  • eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap
  • eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap
  • eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap
  • eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap
  • eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap
  • eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap
  • eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap
  • eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap
  • eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap
  • eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap
  • eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap
  • eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap
  • eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap
  • eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap
  • eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap
  • eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap
  • eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap
  • eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap
  • eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap
  • eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap
  • eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap
  • eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap
  • eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap
  • eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap
  • eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap
  • eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap
  • eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap
  • eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap
  • eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap
  • eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap
  • eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap
  • eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap
  • eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap
  • eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap
  • eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap
  • eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap
  • eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap
  • eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap
  • eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap
  • eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap
  • eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap
  • eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap
  • eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap
  • eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap
  • eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap
  • eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap
  • eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap
  • eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap
  • eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap

References